From 4f47ff665b4e24297b07e4206cdd3f3d4f77d204 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 20 Mar 2019 22:14:23 +0100 Subject: [PATCH] Updating the translations for the 1.16.4 release --- po/bg.po | 679 +++--- po/ca.po | 685 +++--- po/cs.po | 1009 ++++----- po/de.po | 685 +++--- po/es.po | 1249 ++++++----- po/eu.po | 677 +++--- po/fr.po | 687 +++--- po/hu.po | 679 +++--- po/id.po | 676 +++--- po/it.po | 718 +++--- po/ja.po | 689 +++--- po/nb.po | 676 +++--- po/nl.po | 685 +++--- po/pl.po | 722 +++--- po/pt.po | 679 +++--- po/pt_BR.po | 676 +++--- po/ru.po | 679 +++--- po/sssd.pot | 674 +++--- po/sv.po | 730 ++++--- po/tg.po | 676 +++--- po/tr.po | 676 +++--- po/uk.po | 726 ++++--- po/zh_CN.po | 678 +++--- po/zh_TW.po | 677 +++--- src/man/po/br.po | 2519 +++++++++++---------- src/man/po/ca.po | 2623 +++++++++++----------- src/man/po/cs.po | 2491 +++++++++++---------- src/man/po/de.po | 2682 ++++++++++++----------- src/man/po/es.po | 2934 ++++++++++++++----------- src/man/po/eu.po | 2487 +++++++++++---------- src/man/po/fi.po | 2515 +++++++++++---------- src/man/po/fr.po | 2694 ++++++++++++----------- src/man/po/ja.po | 2622 +++++++++++----------- src/man/po/lv.po | 2509 +++++++++++---------- src/man/po/nl.po | 2526 +++++++++++---------- src/man/po/pt.po | 2533 +++++++++++---------- src/man/po/pt_BR.po | 2487 +++++++++++---------- src/man/po/ru.po | 2507 +++++++++++---------- src/man/po/sssd-docs.pot | 2432 +++++++++++---------- src/man/po/sv.po | 4476 +++++++++++++++++++++++++------------- src/man/po/tg.po | 2507 +++++++++++---------- src/man/po/uk.po | 3695 +++++++++++++++++++------------ src/man/po/zh_CN.po | 2507 +++++++++++---------- 43 files changed, 37790 insertions(+), 31343 deletions(-) diff --git a/po/bg.po b/po/bg.po index c6f1311afaf..b0d06a4f1c9 100644 --- a/po/bg.po +++ b/po/bg.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:44+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Bulgarian (http://www.transifex.com/projects/p/sssd/language/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -78,12 +78,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Изчакване за съобщения, изпратени през SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Regex за намиране на потребителско име и домейн" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Printf-съвместим формат за изобразяване на пълно-квалифицирани имена" @@ -130,7 +130,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -258,1248 +258,1257 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Доставчик на самоличност" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Доставчик на удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Доставчик на контрол на достъп" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Доставчик на смяна на парола" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Минимално ID на потребител" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Максимално ID на потребител" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Кеширай идентификационни данни за офлайн влизане" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Съхранявай хешове на пароли" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Показвай потребители/групи в пълно -валифицирана форма" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "Ограничава или предпочита определена фамилия адреси при DNS търсения" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Колко дни да се пазят кешираните записи след последното успешно влизане" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" "Колко време да чакам за отговори от DNS при търсене на сървъри (секунди)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "Частта Домейн от DNS заявката за откриване на услуга" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA домейн" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Адрес на IPA сървър" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Име на хост на IPA клиент" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "LDAP филтър за определяне права на достъп" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Адрес на Kerberos сървър" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Kerberos област" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Директория за съхранение на кеша за данни за удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Местоположение на кеша за данни за удостоверяване на потребители" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Местоположение на keytab за валидиране на данните за удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Разреши проверката на данните за удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "Записва паролата ако е офлайн за по-късно удостоверяване" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "Сървърът, на който работи услугата за смяна на парола ако не е на KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI на LDAP сървъра" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "Базовият DN по подразбиране" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Използваният тип схема на LDAP сървъра, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Паролата Ви е остаряла. Сменете я сега." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Подразбиращият се bind DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Продължителност на опитите за свързване" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Продължителност на опитите за синхронни LDAP операции" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "Продължителност на времето между опитите за връзка докато е офлайн" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Файл, съдържащ CA сертификати" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Път до директорията на CA сертификат" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Изисква TLS проверка на сертификат" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Задава за използване механизма sasl" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Задаване на sasl authorization id за употреба" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "keytab на Kerberos услуга" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Ползвай Kerberos auth за LDAP връзка" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Следвай LDAP референциите" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Продължителност на живот на TGT за LDAP връзка" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Продължителност на време за изчакване на заявка за търсене" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Продължителност на време между актуализации на изброяване" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Изисква TLS за ИД справките" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "атрибут Потребителско име" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "атрибут UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "атрибут Първичен GID" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "атрибут GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "атрибут Домашна директория" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "атрибут Команден интерпретатор" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "атрибут User principal (за Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Пълно име" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "атрибут членНа" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "атрибут Момент на промяна" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Политика за определяне срок на валидност на парола" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Списък разрешени потребители, разделени със запетая" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Списък забранени потребители, разделени със запетая" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Подразбиращ се команден интерпретатор, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Място за домашните директории" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Продължава като демон (по подразбиране)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Интерактивна работа (а не като демон)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Задаване на друг (не подразбиращия се) конфиг файл" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1681,7 +1690,7 @@ msgstr "Паролата Ви е остаряла. Сменете я сега." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Нивото на debug записи при работа" @@ -1694,7 +1703,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Грешка при задаване локални настр.\n" @@ -2130,102 +2139,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/ca.po b/po/ca.po index a7327466d4f..b921ecbd57c 100644 --- a/po/ca.po +++ b/po/ca.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2017-10-15 03:02+0000\n" "Last-Translator: Robert Antoni Buj Gelonch \n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -24,7 +24,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -87,12 +87,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "El temps d'expiració per als missatges enviats a través del SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "L'expressió regular per analitzar el nom d'usuari i el domini" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Format compatible amb printf per mostrar els FQN" @@ -147,7 +147,7 @@ msgstr "" "entrades de la memòria cau (en segons)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" "Període de temps per a l'expiració de la memòria cau negativa (en segons)" @@ -296,26 +296,30 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "Si s'avaluen els atributs basats en temps a les regles sudo" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" "Si s'esbocinen els noms i les adreces dels amfitrions al fitxer known_hosts" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" @@ -323,319 +327,319 @@ msgstr "" "Quants segons s'ha de mantenir un amfitrió al fitxer known_hosts després que " "s'hagi sol·licitat la seva clau" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" "La llista dels UID o dels noms d'usuari que poden accedir al contestador del " "PAC" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" "La llista dels UID o dels noms d'usuari que poden accedir al contestador de " "l'InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "La llista dels atributs de l'usuari que l'InfoPipe pot publicar" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Proveïdor d'identitat" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Proveïdor d'autenticació" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Proveïdor de control d'accés" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Proveïdor de canvi de contrasenya" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "Proveïdor de SUDO" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Proveïdor d'Autofs" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "Proveïdor d'identitat d'amfitrions" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Id. mínim d'usuari" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Id. màxim d'usuari" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Habilita l'enumeració de tots els usuaris/grups" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Credencials en memòria cau per als inicis de sessions sense connexió" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Emmagatzema els codis hash de les contrasenyes" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Mostra els usuaris/grups en format plenament qualificat" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "No incloure als membres dels grups en la recerca del grup" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" "Període de temps per a l'expiració de les entrades de la memòria cau (en " "segons)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Restringeix o prefereix una família específica d'adreces quan es realitzi la " "recerca del DNS" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Quant de temps s'han de mantenir les entrades en la memòria cau després de " "l'últim inici de sessió reeixit (en dies)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" "Temps d'expiració per a les respostes del DNS en la resolució dels servidors " "(en segons)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "La part del domini de la consulta DNS del descobriment del servei" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" "Substitueix el valor del GID del proveïdor d'identitat amb aquest valor" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "Distingeix entre majúscules i minúscules als noms d'usuari" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "Amb quina freqüència les entrades vençudes s'actualitzen al rerefons" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "Si s'actualitza automàticament l'entrada DNS del client" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "El TTL per aplicar a l'entrada DNS del client després d'actualitzar-ho" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "La interfície amb la IP que s'hauria d'utilitzar per a les actualitzacions " "dinàmiques DNS" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "Cada quant s'actualitzarà automàticament l'entrada DNS del client" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "Si el proveïdor ha d'actualitzar explícitament així el registre PTR" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Si la utilitat nsupdate per defecte ha d'utilitzar TCP" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Quin tipus d'autenticació s'ha d'utilitzar per realitzar l'actualització del " "DNS" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "Control de l'enumeració dels amfitrions de confiança" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "Amb quina freqüència s'ha de refrescar la llista dels subdominis" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "Llista de les opcions que han de ser inherents a un subdomini" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "Domini IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Adreça del servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "Adreça del servidor IPA de reserva " -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Nom d'amfitrió del client IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Si s'actualitza automàticament l'entrada DNS del client a FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "Base de cerca per als objectes relacionats amb HBAC" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" "Quantitat de temps entre recerques de les regles HBAC contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" @@ -643,114 +647,114 @@ msgstr "" "Quantitat de temps en segons entre recerques de les assignacions SELinux " "contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Si s'estableix a fals, s'ignorarà l'argument de l'amfitrió proporcionat amb " "PAM" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" "La ubicació de l'eina de muntatge automàtic que aquest client IPA està " "utilitzant" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" "Base de cerca per a l'objecte que conté la informació sobre el domini de " "l'IPA" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" "Base de cerca per als objectes que contenen informació sobre els intervals " "d'id." -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" "Habilita els llocs DNS - el descobriment del servei es basa en la ubicació" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "Base de cerca per als contenidors de la vista" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "Objectclass per als contenidors de la vista" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "L'atribut amb el nom de la vista" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "Objectclass per substituir els objectes" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "L'atribut amb la referència a l'objecte original" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "Objectclass per als objectes de substitució d'usuari" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "Objectclass per als objectes de substitució de grup" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "Domini Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "Adreça del servidor de l'Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "Adreça del servidor de l'Active Directory de reserva" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "Nom d'amfitrió del client d'Active Directory" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "Filtre LDAP per determinar els privilegis d'accés" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "Si s'utilitza el catàleg global per a les recerques" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "Mode d'operació per al control d'accés basat en GPO" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" @@ -758,7 +762,7 @@ msgstr "" "Quantitat de temps entre recerques de fitxers de polítiques GPO contra el " "servidor d'AD" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -766,7 +770,7 @@ msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)InteractiveLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -774,265 +778,270 @@ msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)RemoteInteractiveLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)NetworkLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)BatchLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)ServiceLogonRight del GPO" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" "Noms dels serveis del PAM als quals sempre se'ls garanteix l'accés basat en " "GPO" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" "Noms dels serveis del PAM als quals sempre se'ls denega l'accés basat en GPO" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Dret (permet o denega) predeterminat de l'inici de sessió a utilitzar per " "als noms dels serveis del PAM sense assignar" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "un lloc determinat per utilitzar amb el client" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Adreça del servidor Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "Adreça del servidor Kerberos de reserva" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Reialme Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Temps d'expiració de l'autenticació" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "Si es creen els fitxers kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "Si es rebutgen les parts de la configuració del krb5" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Directori per emmagatzemar la memòria cau de les credencials" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Ubicació de la memòria cau de les credencials de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Ubicació de la clau per validar les credencials" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Habilita la validació de credencials" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" "Emmagatzema la contrasenya si s'està desconnectat per a l'autenticació " "posterior amb connexió" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "Temps de vida renovable del TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "Temps de vida del TGT" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "Temps entre les dues comprovacions per a la renovació" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Habilita FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "Selecciona el principal per utilitzar amb FAST" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "Habilita la canonització del principal" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "Habilita els principals empresarials" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Servidor on es troba el servei de canvi de contrasenya si no està al KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, L'URI del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, L'URI del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "El DN base per defecte" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "El tipus d'esquema en ús al servidor LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "La contrasenya ha vençut. Canvieu ara la vostra contrasenya." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "El DN de creació del vincle per defecte" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" "El tipus del testimoni d'autenticació del DN de creació del vincle per " "defecte" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "El testimoni d'autenticació del DN de creació del vincle per defecte" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Període de temps per intentar una connexió" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Període de temps per intentar operacions LDAP asíncrones" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Període de temps entre els intents per tornar a connectar mentre s'està " "desconnectat" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "Utilitza només majúscules pels noms de reialme" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Fitxer que conté els certificats de l'AC" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Camí al directori del certificat de l'AC" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Fitxer que conté el certificat de client" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Fitxer que conté la clau de client" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Llista de paquets de xifrat possibles" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Requereix verificació de certificat TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Especifica el mecanisme SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Especifica l'id. d'autorització SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "Especifica el reialme d'autorització SASL a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Especifica el SSF mínim per a l'autorització SASL de LDAP" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Taula de claus del servei del Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Utilitza l'autenticació Kerberos per a la connexió LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Segueix les referències LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Temps de vida del TGT per la connexió LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Com desreferenciar els àlies" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "Nom del servei per a la recerca del servei del DNS" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "El nombre de registres a recuperar en una sola consulta LDAP" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "El nombre de membres que han de faltar per activar una de-referència completa" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1040,392 +1049,394 @@ msgstr "" "Si la biblioteca LDAP hauria de realitzar una recerca inversa per canonitzar " "el nom d'amfitrió durant la creació del vincle SASL" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "L'atribut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "L'atribut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Quant de temps s'ha de retenir una connexió al servidor LDAP abans de " "desconnectar" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "Inhabilita el control de paginació LDAP" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "Inhabilita la recuperació de l'interval de l'Active Directory" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Període de temps per esperar una petició de cerca" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "Període de temps per esperar una petició d'enumeració" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Període de temps entre les actualitzacions de les enumeracions" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "Període de temps entre les neteges de la memòria cau" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Requereix TLS per a la recerca d'id." -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Utilitza l'assignació dels id. de l'objectSID en lloc dels id. pre-establerts" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "DN base per a la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Abast de la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filtre per a la recerca de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objectclass per als usuaris" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "L'atribut nom d'usuari" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "L'atribut UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "L'atribut GID primari" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "L'atribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "L'atribut directori inicial" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "L'atribut shell" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "L'atribut UUID" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "L'atribut objectSID" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "L'atribut grup primari de l'Active Directory per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "L'atribut usuari principal (per a Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Nom complet" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "L'atribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "L'atribut data de modificació" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "L'atribut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "L'atribut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "L'atribut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "L'atribut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "L'atribut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "L'atribut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "L'atribut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "L'atribut que llista els serveis PAM autoritzats" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "L'atribut que llista els amfitrions dels servidors autoritzats" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "L'atribut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "L'atribut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" "L'atribut que indica l'activació de les polítiques de contrasenya de servidor" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "L'atribut accountExpires de l'AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "L'atribut userAccountControl de l'AD" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "L'atribut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "L'atribut loginDisabled del NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "L'atribut loginExpirationTime del NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "L'atribut loginAllowedTimeMap del NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "L'atribut clau pública SSH" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "atribut que llista els tipus permesos d'autenticació per a un usuari" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "atribut que conté el certificat X509 de l'usuari" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Una llista dels atributs extres per baixar juntament amb l'entrada de " "l'usuari" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "DN base per a la recerca del grup" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "L'objectclass per als grups" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Nom del grup" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Contrasenya del grup" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "L'atribut GID" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "L'atribut membre del grup" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "L'atribut UUID del grup" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "L'atribut data de modificació per als grups" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "Tipus del grup i altres senyals" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "DN base per a la recerca del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "L'objectclass per als grups de xarxa" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "Nom de grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "L'atribut membres del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "L'atribut triple del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "L'atribut data de modificació per als grups de xarxa" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "DN base per a la recerca del servei" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "Objectclass per als serveis" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "L'atribut nom del servei" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "L'atribut port del servei" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "L'atribut protocol del servei" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "Límit inferior per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "Límit superior per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "Nombres d'id. per cada porció en l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Utilitza l'algoritme compatible d'autorid per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "Nom del domini per defecte per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "SID del domini per defecte per a l'assignació d'id." -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a la recerca del grup" +msgstr "DN base per a la recerca del grup" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a la recerca del grup inicial" +msgstr "DN base per a la recerca del grup de xarxa" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "Si s'utilitzen els grups amb testimonis" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Estableix el límit inferior per als id. permesos del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Estableix el límit superior per als id. permesos del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "DN per a les consultes ppolicy" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Política per avaluar el venciment de la contrasenya" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Quins atributs s'haurien d'utilitzar per avaluar si el compte ha vençut" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "Quines regles s'haurien d'utilitzar per avaluar el control d'accés" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI d'un servidor LDAP on es permeten els canvis de contrasenya" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI d'un servidor LDAP de reserva on es permeten els canvis de contrasenya" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "Nom del servei DNS pel servidor LDAP de canvi de contrasenyes" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1433,23 +1444,23 @@ msgstr "" "Si s'actualitza l'atribut ldap_user_shadow_last_change després d'un canvi de " "contrasenya" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "DN base per a la recerca de les regles sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "Període d'actualització automàtica completa" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "Període d'actualització automàtica intel·ligent" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Si es filtren les regles per nom d'amfitrió, adreça IP i xarxa" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1457,167 +1468,167 @@ msgstr "" "Noms d'amfitrió i/o noms de domini plenament qualificat d'aquesta màquina " "per filtrar les regles de sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adreces IPv4 o IPv6 o xarxa d'aquesta màquina per filtrar regles de sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Si s'inclouen les regles que contenen el grup de xarxa a l'atribut de " "l'amfitrió" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Si s'inclouen les regles que contenen expressions regulars a l'atribut de " "l'amfitrió" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "Objectclass de les regles sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "Nom de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "Attribut command de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "L'atribut host de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "L'atribut user de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "L'atribut option de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "L'atribut runas de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "L'atribut runasuser de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "L'atribut runasgroup de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "L'atribut notbefore de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "L'atribut notafter de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "L'atribut order de la regla sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "Objectclass per a les assignacions de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "L'atribut nom de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" "Objectclass per a les entrades de les assignacions de l'eina de muntatge " "automàtic" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" "L'atribut clau d'entrada de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" "L'atribut valor de l'entrada de l'assignació l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" "DN base per a la recerca de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Llista separada per comes dels usuaris autoritzats" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Llista separada per comes dels usuaris no autoritzats" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "El shell predeterminat, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Base per als directoris inicials" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "El nom de la biblioteca NSS a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Si se cerca el nom del grup canònic des de la memòria cau, si és possible" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Pila PAM a utilitzar" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Esdevé un dimoni (per defecte)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Executa en mode interactiu (no com a dimoni)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Especifica un fitxer de configuració diferent del predeterminat" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Imprimeix el número de versió i surt" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1803,7 +1814,7 @@ msgstr "La contrasenya ha vençut. Canvieu ara la vostra contrasenya." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "El nivell de depuració amb què s'executa" @@ -1816,7 +1827,7 @@ msgstr "El domini SSSD a utilitzar" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "S'ha produït un error en establir la configuració regional\n" @@ -2288,95 +2299,95 @@ msgid "Transaction error. Could not modify user.\n" msgstr "" "S'ha produït un error en la transacció. No s'ha pogut modificar l'usuari.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "Cap objecte de la memòria cau ha coincidit amb la cerca especificada\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "No s'ha pogut invalidar %1$s\n" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "No s'ha pogut invalidar %1$s %2$s\n" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Invalida un usuari determinat" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Invalida tots els usuaris" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "Invalida un grup determinat" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "Invalida tots els grups" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "Invalida un grup de xarxa determinat" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "Invalida tots els grups de xarxa" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "Invalida un servei determinat" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "Invalida tots els serveis" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "Invalida una assignació autofs determinada" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "Invalida totes les assignacions autofs" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "Invalida un amfitrió SSH determinat" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "Invalida tots els amfitrions SSH" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "Invalida les entrades només d'un domini determinat" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "Si us plau, seleccioneu almenys un objecte a invalidar\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2385,7 +2396,7 @@ msgstr "" "No es pot obrir el domini %1$s. Si el domini és un subdomini (domini de " "confiança), utilitzeu el FQN en lloc del paràmetre --domain/-d.\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "No s'han pogut obrir els dominis disponibles\n" diff --git a/po/cs.po b/po/cs.po index cfc2f7480d5..464f86779eb 100644 --- a/po/cs.po +++ b/po/cs.po @@ -1,23 +1,24 @@ # Zdenek , 2017. #zanata +# Pavel Borecki , 2018. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-03-09 12:31+0100\n" +"POT-Creation-Date: 2019-02-27 19:55+0100\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"PO-Revision-Date: 2017-09-11 08:51+0000\n" -"Last-Translator: Zdenek \n" +"PO-Revision-Date: 2018-11-26 03:30+0000\n" +"Last-Translator: Pavel Borecki \n" "Language-Team: Czech\n" "Language: cs\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" "Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 msgid "Set the verbosity of the debug logging" -msgstr "" +msgstr "Nastavit úroveň podrobnosti zaznamenávání ladících informací" #: src/config/SSSDConfig/__init__.py.in:45 msgid "Include timestamps in debug logs" @@ -37,7 +38,7 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:49 msgid "Command to start service" -msgstr "" +msgstr "Příkaz pro spouštění služy" #: src/config/SSSDConfig/__init__.py.in:50 msgid "Number of times to attempt connection to Data Providers" @@ -72,12 +73,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -124,7 +125,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:116 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -134,11 +135,11 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:76 msgid "Users that SSSD should explicitly ignore" -msgstr "" +msgstr "Uživatelé, které by SSSD mělo výslovně ignorovat" #: src/config/SSSDConfig/__init__.py.in:77 msgid "Groups that SSSD should explicitly ignore" -msgstr "" +msgstr "Skupiny, které by SSSD mělo výslovně ignorovat" #: src/config/SSSDConfig/__init__.py.in:78 msgid "Should filtered users appear in groups" @@ -164,6 +165,8 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:83 msgid "The list of shells users are allowed to log in with" msgstr "" +"Seznam uživatelů s přístupem do shellu, kterým je umožněno se přihlásit " +"pomocí" #: src/config/SSSDConfig/__init__.py.in:84 msgid "" @@ -224,7 +227,7 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:99 msgid "List of domains accessible even for untrusted users." -msgstr "" +msgstr "Seznam domén přístupných i nedůvěryhodným uživatelům." #: src/config/SSSDConfig/__init__.py.in:100 msgid "Message printed when user account is expired." @@ -232,7 +235,7 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:101 msgid "Message printed when user account is locked." -msgstr "" +msgstr "Zpráva vypisovaná když je účet uživatele uzamčen." #: src/config/SSSDConfig/__init__.py.in:102 msgid "Allow certificate based/Smartcard authentication." @@ -250,1029 +253,1032 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:107 +msgid "Additional timeout to wait for a card if requested" +msgstr "" + #: src/config/SSSDConfig/__init__.py.in:108 +msgid "" +"PKCS#11 URI to restrict the selection of devices for Smartcard " +"authentication" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:112 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:113 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:120 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:121 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:124 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:125 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:128 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:129 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:135 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "" "The username to use when authenticating to a Custodia server using " "basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "The password to use when authenticating to a Custodia server using " "basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "" "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to directory where certificate authority certificates are stored" msgstr "" +"Popis umístění složky ve které jsou uchovávány certifikáty cert. autority" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:149 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:150 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Identity provider" -msgstr "" +msgstr "Poskytovatel identity" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Authentication provider" -msgstr "" +msgstr "Poskytovatel ověřování" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "Access control provider" -msgstr "" +msgstr "Poskytovatel řízení přístupu" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Password change provider" -msgstr "" +msgstr "Poskytovatel změny hesel" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "SUDO provider" -msgstr "" +msgstr "Poskytovatel SUDO" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "Autofs provider" -msgstr "" +msgstr "Poskytovatel autofs" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Host identity provider" -msgstr "" +msgstr "Poskytovatel identity strojů" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:160 msgid "SELinux provider" -msgstr "" +msgstr "Poskytovatel SELinux" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:161 msgid "Session management provider" -msgstr "" +msgstr "Poskytovatel správy sezení" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Minimum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Maximum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 -msgid "Store password hashes" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:170 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 -#: src/config/SSSDConfig/__init__.py.in:177 +#: src/config/SSSDConfig/__init__.py.in:171 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:177 msgid "Treat usernames as case sensitive" -msgstr "" +msgstr "U uživatelských jmen rozlišovat velká a malá písmena" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:185 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "How often should subdomains list be refreshed" -msgstr "" +msgstr "Jak často má být znovu načítán seznam dílčích domén" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:200 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "IPA server address" -msgstr "" +msgstr "Adresa IPA serveru" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "Address of backup IPA server" -msgstr "" +msgstr "Adresa záložního IPA serveru" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:216 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:235 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:227 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Active Directory domain" -msgstr "" +msgstr "Doména Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory server address" -msgstr "" +msgstr "Adresa serveru s Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory backup server address" -msgstr "" +msgstr "Adresa záložního serveru s Active Directory" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 +#: src/config/SSSDConfig/__init__.py.in:236 #: src/config/SSSDConfig/__init__.py.in:420 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:250 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 -#: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos server address" -msgstr "" +msgstr "Adresa kerberos serveru" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos backup server address" -msgstr "" +msgstr "Adresa záložního kerberos serveru" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:259 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Directory to store credential caches" -msgstr "" +msgstr "Složka ve které ukládat mezipaměť přihlašovacích údajů" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:274 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 -#: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 +#: src/config/SSSDConfig/__init__.py.in:278 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:284 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" -msgstr "" +msgstr "Soubor obsahující certifikáty cert. autorit" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" -msgstr "" +msgstr "Popis umístění složky s certifikáty cert. autority" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" -msgstr "" +msgstr "Soubor obsahující klientský certifikát" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" -msgstr "" +msgstr "Soubor který obsahuje klientský klíč" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" -msgstr "" +msgstr "Vyžadovat ověření TSL certifikátem" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "" "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" -msgstr "" +msgstr "Atribut uživatelské jméno" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" -msgstr "" +msgstr "Atribut domovská složka" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" -msgstr "" +msgstr "Atribut shell" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" # auto translated by TM merge from project: Cockpit, version: rhel-7.4, DocId: cockpit -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Celé jméno" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" -msgstr "" +msgstr "Atribut veřejná část ssh klíče" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" -msgstr "" +msgstr "Název skupiny" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" -msgstr "" +msgstr "Heslo skupiny" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" -msgstr "" +msgstr "Atribut název služby" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" -msgstr "" +msgstr "Atribut port služby" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" -msgstr "" +msgstr "Atribut protokol služby" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 -msgid "Number of secondary slices" -msgstr "" - #: src/config/SSSDConfig/__init__.py.in:408 -msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "" - -#: src/config/SSSDConfig/__init__.py.in:409 -msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" +msgid "Number of secondary slices" msgstr "" #: src/config/SSSDConfig/__init__.py.in:410 @@ -1297,7 +1303,7 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:417 msgid "Policy to evaluate the password expiration" -msgstr "" +msgstr "Pravidlo pro vyhodnocení skončení platnosti hesla" #: src/config/SSSDConfig/__init__.py.in:421 msgid "Which attributes shall be used to evaluate if an account is expired" @@ -1434,15 +1440,15 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:461 msgid "Comma separated list of allowed users" -msgstr "" +msgstr "Čárkou oddělovaný seznam uživatelů, kterým je umožněn přístup" #: src/config/SSSDConfig/__init__.py.in:462 msgid "Comma separated list of prohibited users" -msgstr "" +msgstr "Čárkou oddělovaný seznam uživatelů, kterým je odepřen přístup" #: src/config/SSSDConfig/__init__.py.in:465 msgid "Default shell, /bin/bash" -msgstr "" +msgstr "Výchozí shell, /bin/bash" #: src/config/SSSDConfig/__init__.py.in:466 msgid "Base for home directories" @@ -1464,220 +1470,232 @@ msgstr "" msgid "PAM stack to use" msgstr "" -#: src/monitor/monitor.c:2449 -msgid "Become a daemon (default)" +#: src/config/SSSDConfig/__init__.py.in:479 +msgid "Path of passwd file sources." msgstr "" -#: src/monitor/monitor.c:2451 -msgid "Run interactive (not a daemon)" +#: src/config/SSSDConfig/__init__.py.in:480 +msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2347 +msgid "Become a daemon (default)" +msgstr "Přejít v proces služby (výchozí)" + +#: src/monitor/monitor.c:2349 +msgid "Run interactive (not a daemon)" +msgstr "Spustit interaktivně (ne jako proces služby)" + +#: src/monitor/monitor.c:2352 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2354 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2356 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 -msgid "Print version number and exit" +#: src/monitor/monitor.c:2359 +msgid "Similar to --genconf, but only refreshes the given section" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2362 +msgid "Print version number and exit" +msgstr "Vypsat " + +#: src/monitor/monitor.c:2538 msgid "SSSD is already running\n" -msgstr "" +msgstr "SSSD už je spuštěné" -#: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:617 +#: src/providers/krb5/krb5_child.c:3219 src/providers/ldap/ldap_child.c:605 msgid "Debug level" msgstr "" -#: src/providers/krb5/krb5_child.c:3218 src/providers/ldap/ldap_child.c:619 +#: src/providers/krb5/krb5_child.c:3221 src/providers/ldap/ldap_child.c:607 msgid "Add debug timestamps" msgstr "" -#: src/providers/krb5/krb5_child.c:3220 src/providers/ldap/ldap_child.c:621 +#: src/providers/krb5/krb5_child.c:3223 src/providers/ldap/ldap_child.c:609 msgid "Show timestamps with microseconds" msgstr "" -#: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:623 +#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:625 +#: src/providers/krb5/krb5_child.c:3228 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." msgstr "" -#: src/providers/krb5/krb5_child.c:3228 +#: src/providers/krb5/krb5_child.c:3231 msgid "The user to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3230 +#: src/providers/krb5/krb5_child.c:3233 msgid "The group to create FAST ccache as" msgstr "" -#: src/providers/krb5/krb5_child.c:3232 +#: src/providers/krb5/krb5_child.c:3235 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:3234 +#: src/providers/krb5/krb5_child.c:3237 msgid "Requested lifetime of the ticket" -msgstr "" +msgstr "Požadovaná životnost lístku" -#: src/providers/krb5/krb5_child.c:3236 +#: src/providers/krb5/krb5_child.c:3239 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:3238 +#: src/providers/krb5/krb5_child.c:3241 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:3241 +#: src/providers/krb5/krb5_child.c:3244 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:3243 +#: src/providers/krb5/krb5_child.c:3246 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:3245 +#: src/providers/krb5/krb5_child.c:3248 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/data_provider_be.c:555 +#: src/providers/data_provider_be.c:630 msgid "Domain of the information provider (mandatory)" msgstr "" -#: src/sss_client/common.c:1066 +#: src/sss_client/common.c:1067 msgid "Privileged socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1069 +#: src/sss_client/common.c:1070 msgid "Public socket has wrong ownership or permissions." msgstr "" -#: src/sss_client/common.c:1072 +#: src/sss_client/common.c:1073 msgid "Unexpected format of the server credential message." msgstr "" -#: src/sss_client/common.c:1075 +#: src/sss_client/common.c:1076 msgid "SSSD is not run by root." -msgstr "" +msgstr "SSSD není spouštěno správcem." -#: src/sss_client/common.c:1080 +#: src/sss_client/common.c:1081 msgid "An error occurred, but no description can be found." -msgstr "" +msgstr "Došlo k chybě, ale nedaří se najít popis." -#: src/sss_client/common.c:1086 +#: src/sss_client/common.c:1087 msgid "Unexpected error while looking for an error description" -msgstr "" +msgstr "Neočekávaná chyba při hledání popisu chyby" -#: src/sss_client/pam_sss.c:76 +#: src/sss_client/pam_sss.c:67 msgid "Permission denied. " -msgstr "" +msgstr "Přístup odepřen." -#: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 -#: src/sss_client/pam_sss.c:793 +#: src/sss_client/pam_sss.c:68 src/sss_client/pam_sss.c:774 +#: src/sss_client/pam_sss.c:785 msgid "Server message: " -msgstr "" +msgstr "Zpráva ze serveru:" # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa -#: src/sss_client/pam_sss.c:300 +#: src/sss_client/pam_sss.c:292 msgid "Passwords do not match" -msgstr "Hesla nejsou stejná." +msgstr "Zadání hesla se neshodují" -#: src/sss_client/pam_sss.c:488 +#: src/sss_client/pam_sss.c:480 msgid "Password reset by root is not supported." -msgstr "" +msgstr "Reset hesla správcem není podporován." -#: src/sss_client/pam_sss.c:529 +#: src/sss_client/pam_sss.c:521 msgid "Authenticated with cached credentials" -msgstr "" +msgstr "Přihlášeni přihlašovacími údaji z mezipaměti" -#: src/sss_client/pam_sss.c:530 +#: src/sss_client/pam_sss.c:522 msgid ", your cached password will expire at: " -msgstr "" +msgstr ", platnost mezipaměti skončí v:" -#: src/sss_client/pam_sss.c:560 +#: src/sss_client/pam_sss.c:552 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." msgstr "" -#: src/sss_client/pam_sss.c:606 +#: src/sss_client/pam_sss.c:598 #, c-format msgid "Your password will expire in %1$d %2$s." -msgstr "" +msgstr "Platnost vašeho hesla skončí v %1$d %2$s." -#: src/sss_client/pam_sss.c:655 +#: src/sss_client/pam_sss.c:647 msgid "Authentication is denied until: " -msgstr "" +msgstr "Ověření odepřeno do:" -#: src/sss_client/pam_sss.c:676 +#: src/sss_client/pam_sss.c:668 msgid "System is offline, password change not possible" -msgstr "" +msgstr "Systém není dostupný, změna hesla není možná" -#: src/sss_client/pam_sss.c:691 +#: src/sss_client/pam_sss.c:683 msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" -#: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 +#: src/sss_client/pam_sss.c:771 src/sss_client/pam_sss.c:784 msgid "Password change failed. " -msgstr "" +msgstr "Změna hesla se nezdařila." -#: src/sss_client/pam_sss.c:1926 +#: src/sss_client/pam_sss.c:1921 msgid "New Password: " -msgstr "" +msgstr "Nové heslo:" -#: src/sss_client/pam_sss.c:1927 +#: src/sss_client/pam_sss.c:1922 msgid "Reenter new Password: " -msgstr "" +msgstr "Zopakování nového hesla:" -#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 +#: src/sss_client/pam_sss.c:2038 src/sss_client/pam_sss.c:2041 msgid "First Factor: " msgstr "" -#: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 +#: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2201 msgid "Second Factor (optional): " msgstr "" -#: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 +#: src/sss_client/pam_sss.c:2042 src/sss_client/pam_sss.c:2204 msgid "Second Factor: " msgstr "" # auto translated by TM merge from project: anaconda, version: f25, DocId: main -#: src/sss_client/pam_sss.c:2058 +#: src/sss_client/pam_sss.c:2057 msgid "Password: " msgstr "Heslo: " -#: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 +#: src/sss_client/pam_sss.c:2200 src/sss_client/pam_sss.c:2203 msgid "First Factor (Current Password): " msgstr "" -#: src/sss_client/pam_sss.c:2208 +#: src/sss_client/pam_sss.c:2207 msgid "Current Password: " -msgstr "" +msgstr "Stávající heslo:" -#: src/sss_client/pam_sss.c:2536 +#: src/sss_client/pam_sss.c:2562 msgid "Password expired. Change your password now." -msgstr "" +msgstr "Platnost hesla skončila. Změňte si ho." -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:203 src/tools/sss_useradd.c:48 +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:41 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:204 src/tools/sss_useradd.c:48 #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" -#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:42 -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:207 +#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:43 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:208 msgid "The SSSD domain to use" msgstr "" @@ -1685,13 +1703,13 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" -msgstr "" +msgstr "Chyba při nastavování místního a jazykového nastavení\n" #: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64 msgid "Not enough memory\n" -msgstr "" +msgstr "Nedostatek paměti\n" #: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83 msgid "User not specified\n" @@ -1701,19 +1719,23 @@ msgstr "" msgid "Error looking up public keys\n" msgstr "" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:205 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:206 msgid "The port to use to connect to the host" msgstr "" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:249 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:210 +msgid "Print the host ssh public keys" +msgstr "" + +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 msgid "Invalid port\n" msgstr "" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:254 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:257 msgid "Host not specified\n" msgstr "" -#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:260 +#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:263 msgid "The path to the proxy command must be absolute\n" msgstr "" @@ -2114,102 +2136,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" @@ -2298,38 +2320,38 @@ msgstr "" msgid "Cached in InfoPipe" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:512 +#: src/tools/sssctl/sssctl_cache.c:522 #, c-format msgid "Error: Unable to get object [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:528 +#: src/tools/sssctl/sssctl_cache.c:538 #, c-format msgid "%s: Unable to read value [%d]: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:556 +#: src/tools/sssctl/sssctl_cache.c:566 msgid "Specify name." msgstr "" -#: src/tools/sssctl/sssctl_cache.c:566 +#: src/tools/sssctl/sssctl_cache.c:576 #, c-format msgid "Unable to parse name %s.\n" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 +#: src/tools/sssctl/sssctl_cache.c:602 src/tools/sssctl/sssctl_cache.c:649 msgid "Search by SID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:593 +#: src/tools/sssctl/sssctl_cache.c:603 msgid "Search by user ID" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:602 +#: src/tools/sssctl/sssctl_cache.c:612 msgid "Initgroups expiration time" msgstr "" -#: src/tools/sssctl/sssctl_cache.c:640 +#: src/tools/sssctl/sssctl_cache.c:650 msgid "Search by group ID" msgstr "" @@ -2394,8 +2416,8 @@ msgstr "" msgid "Unable to import group overrides\n" msgstr "" -#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:74 -#: src/tools/sssctl/sssctl_domains.c:339 +#: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:82 +#: src/tools/sssctl/sssctl_domains.c:315 msgid "Start SSSD if it is not running" msgstr "" @@ -2440,69 +2462,75 @@ msgstr "" msgid "Restoring local data...\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:75 +#: src/tools/sssctl/sssctl_domains.c:83 msgid "Show domain list including primary or trusted domain type" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:156 +#: src/tools/sssctl/sssctl_domains.c:105 src/tools/sssctl/sssctl_domains.c:354 +#: src/tools/sssctl/sssctl_user_checks.c:95 +#, c-format +msgid "Unable to connect to system bus!\n" +msgstr "" + +#: src/tools/sssctl/sssctl_domains.c:167 #, c-format msgid "Online status: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:156 +#: src/tools/sssctl/sssctl_domains.c:167 msgid "Online" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:156 +#: src/tools/sssctl/sssctl_domains.c:167 msgid "Offline" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:214 +#: src/tools/sssctl/sssctl_domains.c:212 #, c-format msgid "Active servers:\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:231 +#: src/tools/sssctl/sssctl_domains.c:223 msgid "not connected" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:278 +#: src/tools/sssctl/sssctl_domains.c:260 #, c-format msgid "Discovered %s servers:\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:296 +#: src/tools/sssctl/sssctl_domains.c:272 msgid "None so far.\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:336 +#: src/tools/sssctl/sssctl_domains.c:312 msgid "Show online status" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:337 +#: src/tools/sssctl/sssctl_domains.c:313 msgid "Show information about active server" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:338 +#: src/tools/sssctl/sssctl_domains.c:314 msgid "Show list of discovered servers" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:344 +#: src/tools/sssctl/sssctl_domains.c:320 msgid "Specify domain name." msgstr "" # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa -#: src/tools/sssctl/sssctl_domains.c:360 +#: src/tools/sssctl/sssctl_domains.c:342 #, c-format msgid "Out of memory!\n" msgstr "Nedostatek paměti\n" -#: src/tools/sssctl/sssctl_domains.c:377 src/tools/sssctl/sssctl_domains.c:387 +#: src/tools/sssctl/sssctl_domains.c:362 src/tools/sssctl/sssctl_domains.c:372 #, c-format msgid "Unable to get online status\n" msgstr "" -#: src/tools/sssctl/sssctl_domains.c:397 +#: src/tools/sssctl/sssctl_domains.c:382 #, c-format msgid "Unable to get server list\n" msgstr "" @@ -2554,101 +2582,80 @@ msgstr "" msgid "Specify debug level you want to set" msgstr "" -#: src/tools/sssctl/sssctl_sifp.c:28 -msgid "" -"Check that SSSD is running and the InfoPipe responder is enabled. Make sure " -"'ifp' is listed in the 'services' option in sssd.conf.\n" -msgstr "" - -#: src/tools/sssctl/sssctl_user_checks.c:91 -#, c-format -msgid "Unable to connect to the InfoPipe" -msgstr "" - -#: src/tools/sssctl/sssctl_user_checks.c:97 -#, c-format -msgid "Unable to get user object" -msgstr "" - -#: src/tools/sssctl/sssctl_user_checks.c:101 +#: src/tools/sssctl/sssctl_user_checks.c:117 #, c-format msgid "SSSD InfoPipe user lookup result:\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:113 -#, c-format -msgid "Unable to get user name attr" -msgstr "" - -#: src/tools/sssctl/sssctl_user_checks.c:146 +#: src/tools/sssctl/sssctl_user_checks.c:167 #, c-format msgid "dlopen failed with [%s].\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:153 +#: src/tools/sssctl/sssctl_user_checks.c:174 #, c-format msgid "dlsym failed with [%s].\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:161 +#: src/tools/sssctl/sssctl_user_checks.c:182 #, c-format msgid "malloc failed.\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:168 +#: src/tools/sssctl/sssctl_user_checks.c:189 #, c-format msgid "sss_getpwnam_r failed with [%d].\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:173 +#: src/tools/sssctl/sssctl_user_checks.c:194 #, c-format msgid "SSSD nss user lookup result:\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:174 +#: src/tools/sssctl/sssctl_user_checks.c:195 #, c-format msgid " - user name: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:175 +#: src/tools/sssctl/sssctl_user_checks.c:196 #, c-format msgid " - user id: %d\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:176 +#: src/tools/sssctl/sssctl_user_checks.c:197 #, c-format msgid " - group id: %d\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:177 +#: src/tools/sssctl/sssctl_user_checks.c:198 #, c-format msgid " - gecos: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:178 +#: src/tools/sssctl/sssctl_user_checks.c:199 #, c-format msgid " - home directory: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:179 +#: src/tools/sssctl/sssctl_user_checks.c:200 #, c-format msgid " - shell: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:211 +#: src/tools/sssctl/sssctl_user_checks.c:232 msgid "PAM action [auth|acct|setc|chau|open|clos], default: " msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:214 +#: src/tools/sssctl/sssctl_user_checks.c:235 msgid "PAM service, default: " msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:219 +#: src/tools/sssctl/sssctl_user_checks.c:240 msgid "Specify user name." msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:226 +#: src/tools/sssctl/sssctl_user_checks.c:247 #, c-format msgid "user: %s\n" "action: %s\n" @@ -2656,125 +2663,125 @@ msgid "user: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:232 +#: src/tools/sssctl/sssctl_user_checks.c:253 #, c-format msgid "User name lookup with [%s] failed.\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:237 +#: src/tools/sssctl/sssctl_user_checks.c:258 #, c-format msgid "InfoPipe User lookup with [%s] failed.\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:244 +#: src/tools/sssctl/sssctl_user_checks.c:265 #, c-format msgid "pam_start failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:249 +#: src/tools/sssctl/sssctl_user_checks.c:270 #, c-format msgid "testing pam_authenticate\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:253 +#: src/tools/sssctl/sssctl_user_checks.c:274 #, c-format msgid "pam_get_item failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:257 +#: src/tools/sssctl/sssctl_user_checks.c:278 #, c-format msgid "pam_authenticate for user [%s]: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:260 +#: src/tools/sssctl/sssctl_user_checks.c:281 #, c-format msgid "testing pam_chauthtok\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:262 +#: src/tools/sssctl/sssctl_user_checks.c:283 #, c-format msgid "pam_chauthtok: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:264 +#: src/tools/sssctl/sssctl_user_checks.c:285 #, c-format msgid "testing pam_acct_mgmt\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:266 +#: src/tools/sssctl/sssctl_user_checks.c:287 #, c-format msgid "pam_acct_mgmt: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:268 +#: src/tools/sssctl/sssctl_user_checks.c:289 #, c-format msgid "testing pam_setcred\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:270 +#: src/tools/sssctl/sssctl_user_checks.c:291 #, c-format msgid "pam_setcred: [%s]\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:272 +#: src/tools/sssctl/sssctl_user_checks.c:293 #, c-format msgid "testing pam_open_session\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:274 +#: src/tools/sssctl/sssctl_user_checks.c:295 #, c-format msgid "pam_open_session: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:276 +#: src/tools/sssctl/sssctl_user_checks.c:297 #, c-format msgid "testing pam_close_session\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:278 +#: src/tools/sssctl/sssctl_user_checks.c:299 #, c-format msgid "pam_close_session: %s\n" "\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:281 +#: src/tools/sssctl/sssctl_user_checks.c:302 #, c-format msgid "unknown action\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:284 +#: src/tools/sssctl/sssctl_user_checks.c:305 #, c-format msgid "PAM Environment:\n" msgstr "" -#: src/tools/sssctl/sssctl_user_checks.c:292 +#: src/tools/sssctl/sssctl_user_checks.c:313 #, c-format msgid " - no env -\n" msgstr "" -#: src/util/util.h:75 +#: src/util/util.h:73 msgid "The user ID to run the server as" msgstr "" -#: src/util/util.h:77 +#: src/util/util.h:75 msgid "The group ID to run the server as" msgstr "" -#: src/util/util.h:85 +#: src/util/util.h:83 msgid "Informs that the responder has been socket-activated" msgstr "" -#: src/util/util.h:87 +#: src/util/util.h:85 msgid "Informs that the responder has been dbus-activated" msgstr "" diff --git a/po/de.po b/po/de.po index 71dfe96e0a6..1c444a00154 100644 --- a/po/de.po +++ b/po/de.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -20,7 +20,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -82,12 +82,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Zeitüberschreitung für Meldungen, die über SBUS gesendet werden" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Regulärer Ausdruck zum Verarbeiten von Benutzername und Domain" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" "Printf-kompatibles Format für die Darstellung voll ausgeschriebener Namen" @@ -138,7 +138,7 @@ msgstr "" "Zeitspanne für die Aktualisierung des Eintrags-Zwischenspeichers (Sekunden)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Zeitspanne für den negativen Zwischenspeicher (Sekunden)" @@ -284,28 +284,32 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" "Gibt an, ob zeitbasierte Attribute in Sudo-Regeln berechnet werden sollen" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" "Gibt an, ob Prüfsummen von Hostnamen und Adressen in der Datei known_hosts " "gespeichert werden" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" @@ -313,322 +317,322 @@ msgstr "" "Anzahl der Sekunden, die ein Rechner in der Datei known_host behalten werden " "soll, nachdem dessen Schlüssel abgefragt wurden" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" "Liste von Benutzer-IDs oder Benutzernamen für den Zugriff auf den PAC-" "Responder" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" "Liste von Benutzer-IDs oder Benutzernamen für den Zugriff auf den InfoPipe-" "Responder" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "Liste der Benutzerattribute, die InfoPipe veröffentlichen darf" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Identitäts-Anbieter" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Authentifizierungs-Anbieter" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Zugriffskontroll-Anbieter" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Passwortänderungs-Anbieter" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "SUDO-Anbieter" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Autofs-Anbieter" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "Rechner-Identitäts-Anbieter" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Minimale Benutzer‐ID" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Maximale Benutzer‐ID" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Auflistung aller Benutzer/Gruppen aktivieren" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Zwischengespeicherte Anmeldedaten für Offline-Anmeldung" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Passwort-Prüfsummen speichern" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Benutzer/Gruppen in voll ausgeschriebener Form anzeigen" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "Gruppenmitglieder in Gruppen-Suchanfragen nicht einschließen" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Zeitspanne für den Eintrags-Zwischenspeicher (Sekunden)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Eine spezifische Adressfamilie beim Ausführen von DNS-Suchanfragen " "beschränken oder bevorzugen" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Gibt die Anzahl der Tage an, wie lange zwischengespeicherte Einträge nach " "der letzten Anmeldung aufbewahrt werden" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" "Gibt die Anzahl Sekunden an, wie lange beim Auflösen von Servernamen auf " "Antworten vom DNS-Dienst gewartet werden soll" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "Der Domain-Teil der DNS-Abfrage zur Dienstsuche" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" "Den Gruppen-ID-Wert des Identitäts-Anbieters mit diesem Wert überschreiben" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "Groß-/Kleinschreibung in Benutzernamen berücksichtigen" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "Anzahl der Auffrischung abgelaufener Einträge im Hintergrund" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "Automatische Aktualisierung des DNS-Eintrags des Clients" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" "Die auf den DNS-Eintrag des Clients anzuwendende TTL, nachdem dieser " "aktualisiert wurde" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "Schnittstelle, deren IP für dynamische DNS-Aktualisierungen verwendet werden " "soll" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "Gibt an, wie oft der DNS-Eintrag des Clients aktualisiert werden soll" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" "Gibt an, ob der Anbieter den PTR-Datensatz ebenfalls explizit aktualisieren " "soll" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Gibt an, ob das nsupdate-Dienstprogramm per Vorgabe TCP verwenden soll" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Gibt an, welche Art der Authentifizierung bei der DNS-Aktualisierung " "verwendet werden soll" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "Aufzählung vertrauenswürdiger Domains steuern" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "Anzahl der Auffrischung der Subdomain-Liste" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA-Domain" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA-Serveradresse" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "Adresse des Ersatz-IPA-Servers" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "IPA-Client-Rechnername" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Gibt an, ob der DNS-Eintrag des Clients in FreeIPA automatisch aktualisiert " "werden soll" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "Suchbasis für HBAC-bezogene Objekte" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Die Zeitspanne zwischen Suchanfragen der HBAC-Regeln an den IPA-Server" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" @@ -636,369 +640,374 @@ msgstr "" "Die Zeitspanne in Sekunden zwischen Suchanfragen der SELinux-Zuweisung an " "den IPA-Server" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Falls auf »false« gesetzt, wird das von PAM angegebene Host-Argument " "ignoriert" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "Der Automounter-Ort, den dieser IPA-Client verwendet" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" "Suchbasis für Objekte, die Informationen über eine IPA-Domain enthalten" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "Suchbasis für Objekte, die Informationen über ID-Bereiche enthalten" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "DNS-Sites aktivieren – standortbasierte Dienstsuche" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "Active-Directory-Domain" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "Adresse des Active-Directory-Servers" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "Adresse des Ersatz-Active-Directory-Servers" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "Hostname des Active-Directory-Clients" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "LDAP-Filter zum Bestimmen der Zugriffsprivilegien" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "Verwendung des globalen Katalogs für Suchvorgänge" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "Operationsmodus für GPO-basierte Zuhgriffskontrolle" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Kerberos-Serveradresse" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "Adresse des Ersatz-Kerberos-Servers" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Kerberos-Realm" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Zeitüberschreitung bei Authentifizierung" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "Gibt an, ob kdcinfo-Dateien angelegt werden" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Verzeichnis zum Speichern der Anmeldedaten" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Ort des Zwischenspeichers für die Anmeldedaten des Benutzers" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Ort der Schlüsseltabelle zum Überprüfen von Anmeldedaten" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Validierung der Anmeldedaten aktivieren" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "Passwort im Offline-Modus für spätere Online-Anmeldung speichern" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "Erneuerung der Lebensdauer des TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "Lebensdauer des TGT" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "Zeitspanne zwischen zwei Prüfungen, ob Erneuerung nötig ist" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Aktiviert FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "Wählt den für FAST zu verwendenden Principal aus" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "Aktiviert Kanonisierung des Principals" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "Enterprise-Principals aktivieren" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Server, auf dem der Dienst zum Ändern des Passworts läuft, falls nicht KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, die URI des LDAP-Servers" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, die URI des LDAP-Servers" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "Vorgegebene Basis-DN" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Der vom LDAP-Server verwendete Schema-Typ gemäß RFC2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Passwort ist abgelaufen. Ändern Sie Ihr Passwort jetzt." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Vorgegebene Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "Typ des Authentifizierungs-Tokens der vorgegebenen Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "Authentifizierungs-Token für die vorgegebene Bind-DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Zeitspanne für einen Verbindungsversuch" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Zeitspanne für Versuche zur Ausführung synchroner LDAP-Vorgänge" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Zeitspanne zwischen Versuchen zum erneuten Verbindungsaufbau im Offline-Modus" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "Nur Großschreibung für Realm-Namen verwenden" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Datei, die CA-Zertifikate enthält" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Pfad zum CA-Zertifikatverzeichnis" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Datei, die das Client-Zertifikat enthält" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Datei, die den Client-Schlüssel enthält" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Liste der möglichen Verschlüsselungs-Suites" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "TLS-Zertifikatüberprüfung erforderlich machen" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Zu verwendenden sasl-Mechanismus angeben" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Zu verwendende ID für sasl-Authentifizierung angeben" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "Zu verwendenden Realm für sasl-Authentifizierung angeben" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Gibt den minimalen SSF für die SASL-Authentifizierung über LDAP an" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Schlüsseltabelle des Kerberos-Dienstes" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Kerberos-Authentifizierung für LDAP-Verbindung verwenden" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "LDAP-Verweisen folgen" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Lebensdauer von TGT für LDAP-Verbindung" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Dereferenzierung von Aliasen" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "Dienstname für DNS-Service-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "Anzahl der in einer einzelnen LDAP-Abfrage zu holenden Datensätze" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Anzahl der Elemente, die fehlen müssen, um eine vollständige " "Dereferenzierung auszulösen" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1006,391 +1015,393 @@ msgstr "" "Gibt an, ob die LDAP-Bibliothek eine Rückwärtssuche ausführen soll, um den " "Rechnernamen während einer SASL-Bindung zu kanonisieren" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "entryUSN-Attribut" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "lastUSN-Attribut" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Zeitspanne zum Halten einer Verbindung zum LDAP-Server, bis diese " "unterbrochen wird" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "LDAP-Paging-Steuerung deaktivieren" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "Bereichsermittlung für Active Directory deaktivieren" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Zeitspanne zum Warten auf eine Suchanfrage" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "Zeitspanne zum Warten auf eine Auflistungsanfrage" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Zeitspanne zwischen Auflistungsanfragen" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "Zeitspanne zwischen den Leerungen des Zwischenspeichers" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "TLS für ID-Suchvorgänge erforderlich machen" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "ID-Zuweisung von objectSID anstelle von voreingestellten IDs verwenden" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "Basis-DN für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Bereich für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filter für Benutzer-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objektklasse für Benutzer" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Benutzername-Attribut" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "UID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Primäres GID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "GECOS-Attribut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Home-Verzeichnis-Attribut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Shell-Attribut" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "objectSID -Attribut" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Active-Directory-Primärgruppen-Attribut für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Principal-Attribut verwenden (für Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Vollständiger Name" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "memberOf-Attribut" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Änderungszeit-Attribut" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "shadowLastChange-attribut" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "shadowMin-Attribut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "shadowMax Attribut" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "shadowWarning-Attribut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "shadowInactive-Attribut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "shadowExpire-Attribut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "shadowFlag-Attribut" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "Attribut, welches die autorisierten PAM-Dienste auflistet" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "Attribut, welches die autorisierten Server-Hosts auflistet" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange-Attribut" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration-Attribut" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" "Attribut, welches angibt, dass die serverseitigen Passwortregeln aktiv sind" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "accountExpires-Attribut von AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "userAccountControl-Attribut von AD" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "nsAccountLock-Attribut" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap-Attribut von NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "Attribut für öffentlichen SSH-Schlüssel" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Eine Liste der zusätzlich herunterzuladender Attribute zusammen mit dem " "Benutzereintrag" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "Basis-DN für Gruppen-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "Objektklasse für Gruppen" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Gruppenname" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Gruppenpasswort" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "Gruppen-ID-Attribut" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "Gruppen-Mitgliedschafts-Attribut" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "Änderungszeit-Attribut für Gruppen" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "Typ der Gruppe und weitere Flags" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "Basis-DN für Netzgruppen-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "Objektklasse für Netzgruppen" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "Netzgruppenname" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "Netzgruppen-Mitglieder-Attribut" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "Netzgruppen-Tripel-Attribut" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "Änderungszeit-Attribut für Netzgruppen" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "Basis-DN für Dienste-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "Objektklasse für Dienste" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "Name-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "Port-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "Protokoll-Attribut des Dienstes" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "Untere Grenze für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "Obere Grenze für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "Anzahl der IDs für jeden Teil bei der ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "autorid-kompatiblen Algorithmus für ID-Zuweisung verwenden" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "Name der Vorgabe-Domain für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "SID der Vorgabedomain für ID-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "LDAP_MATCHING_RULE_IN_CHAIN für Gruppen-Suchanfragen verwenden" +msgstr "Basis-DN für Gruppen-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "LDAP_MATCHING_RULE_IN_CHAIN für initgroup-Suchanfragen verwenden" +msgstr "Basis-DN für Netzgruppen-Suchanfragen" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "Verwendung von Token-Gruppen" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Untere Grenze für zulässige IDs des LDAP-Servers angeben" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Obere Grenze für zulässige IDs des LDAP-Servers angeben" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Regel zum Ermitteln der Ablaufzeit des Passworts" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Attribute, die bei der Ermittlung verwendet werden, ob ein Konto abgelaufen " "ist" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "Regeln für die Ermittlung der Zugriffskontrolle" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI eines LDAP-Servers, wo Passwortänderungen zulässig sind" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "URI eines Ersatz-LDAP-Servers, wo Passwortänderungen zulässig sind" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "DNS-Dienstname für den LDAP-Passwortänderungsserver" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1398,25 +1409,25 @@ msgstr "" "Gibt an, ob das Attribut ldap_user_shadow_last_change nach einer " "Passwortänderung aktualisiert werden soll" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "Basis-DN für Suchanfragen nach Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "Periode für automatische vollständige Aktualisierung" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "Periode für bedingte vollständige Aktualisierung" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Gibt an, ob Regeln nach Hostnamen, IP-Adressen oder Netzwerken gefiltert " "werden sollen" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1424,164 +1435,164 @@ msgstr "" "Hostnamen und/oder voll ausgeschriebene Domain-Namen dieses Rechners zum " "Filtern von Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4- oder IPv6-Adressen oder Netzwerk dieses Rechners zum Filtern von sudo-" "Regeln" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die " "Netzgruppen enthalten" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Gibt an, ob Regeln im Host-Attribut einbezogen werden sollen, die reguläre " "Ausdrücke enthalten" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "Objektklasse für Sudo-Regeln" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "Sudo-Regelname" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "Befehlsattribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "Host-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "Benutzer-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "Optionsattribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "runasuser-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "runasgroup-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "notbefore-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "notafter-Attribut der sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "Reihenfolge-Attribut der Sudo-Regel" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "Objektklasse für Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "Name-Attribut der Automounter-Zuweisung" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "Objektklasse für Einträge von Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "Schlüssel-Attribut des Automounter-Zuweisungseintrags" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "Wert-Attribut des Automounter-Zuweisungseintrags" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "Basis-DN für Suchanfragen nach Automounter-Zuweisungen" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Durch Kommata getrennte Liste der erlaubten Benutzer" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Durch Kommata getrennte Liste der verbotenen Benutzer" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Vorgabeshell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Wurzel für Benutzerverzeichnisse" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "Name der zu verwendenden NSS-Bibliothek" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Gibt an, ob wenn möglich im Zwischenspeicher nach dem kanonischen " "Gruppennamen gesucht werden soll" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Zu verwendender PAM-Stapel" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Zum Hintergrunddienst werden (Vorgabe)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Interaktiv ausführen (nicht als Hintergrunddienst)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Angabe einer nicht standardmäßigen Konfigurationsdatei" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Versionsnummer ausgeben und das Programm beenden" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1767,7 +1778,7 @@ msgstr "Passwort ist abgelaufen. Ändern Sie Ihr Passwort jetzt." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Stufe, mit der die Fehlerdiagnose ausgeführt werden soll" @@ -1780,7 +1791,7 @@ msgstr "Die zu verwendende SSSD-Domain" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Fehler beim Setzen der Locale-Einstellung\n" @@ -2253,96 +2264,96 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Transaktionsfehler. Benutzer kann nicht geändert werden.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" "Kein Objekt im Zwischenspeicher entspricht der angegebenen Suchanfrage\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Bestimmten Benutzer annullieren" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Alle Benutzer annullieren" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "Bestimmte Gruppe annullieren" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "Alle Gruppen annullieren" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "Bestimmte Netzgruppe annullieren" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "Alle Netzgruppen annullieren" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "Bestimmten Dienst annullieren" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "Alle Dienste annullieren" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "Bestimmte autofs-Zuweisung annullieren" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "Alle autofs-Zuweisungen annullieren" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "Nur Einträge einer bestimmten Domain annullieren" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "Bitte wählen Sie mindestens ein Objekt für die Annullierung\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2352,7 +2363,7 @@ msgstr "" "(trusted domain) handelt, verwenden Sie den voll ausgeschriebenen Namen " "anstelle des Parameters --domain/-d.\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "Verfügbare Domains konnten nicht geöffnet werden\n" diff --git a/po/es.po b/po/es.po index 6debf91e6d4..05b716fab78 100644 --- a/po/es.po +++ b/po/es.po @@ -17,8 +17,8 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" -"PO-Revision-Date: 2018-06-01 03:11+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" +"PO-Revision-Date: 2018-09-10 10:06+0000\n" "Last-Translator: Emilio Herrera \n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" "es/)\n" @@ -27,7 +27,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -93,14 +93,14 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Tiempo máximo para los mensajes enviados a través de SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" "Expresión regular para analizar sintácticamente el nombre de usuario y " "dominio" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" "Formato compatible con printf para mostrar nombres completamente calificados" @@ -153,7 +153,7 @@ msgstr "" "Tiempo máximo (segundos) de la entrada de caché a actualizar en segundo plano" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Tiempo máximo negativo del cache (segundos)" @@ -297,15 +297,19 @@ msgid "Which PAM services are permitted to contact application domains" msgstr "" "Que servicios PAM tienen permitido contactar con dominios de aplicación" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "Ya sea para evaluar los atributos basados en el tiempo en reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "Si cierto, SSSD volverá a la lógica de ordenación de triunfos menores" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." @@ -313,13 +317,13 @@ msgstr "" "Número máximo de reglas que se pueden refrescar de una vez. Si esto se " "excede, se llevará a cabo un refresco total." -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" "Si se deben picar los nombres de host y las direcciones en el archivo known-" "hosts" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" @@ -327,59 +331,59 @@ msgstr "" "Cuantos segundos mantener un host en el archivos known_host después de que " "se haya pedido su clave de host" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "Ruta al almacenamiento de los certificados CA de confianza" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" "Lista de UIDs o nombres de usuario que tienen permitido acceder al " "contestador PAC" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "Longitud de datos PAC considerados válidos" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" "Lista de UIDs y nombres de usuarios que tienen permitido el acceso al " "contestador InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "Lista de atributos de usuario que InforPipe tiene permitido publicar" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "El proveedor donde se almacenarán los secretos" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "El número máximo permitido de contenedores anidados" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "El número máximo de secretos que pueden ser almacenados" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "El número máximo de secretos que puede ser almacenado por UID" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "El tamaño de carga máxima de un secreto en kilobytes" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "El servidor URL Custodia está escuchando en" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "El método a usar cuando se autentica en un servidor Custodia" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" @@ -387,624 +391,677 @@ msgstr "" "El nombre de las cabeceras que se añadirán a una petición HTTP con el valor " "definido en auth_header_value" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "El valor que sssd-secrets debería usar para auth_header_name" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" "La lista de las cabeceras a enviar al servidor Custodia junto con la petición" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" +"El nombre de usuario a usar cuando se autentifica en un servidor Custodia " +"usando basic_auth" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" +"La contraseña a usar cuando se autentifica en un servidor Custodia usando " +"basic_auth" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" +"Si es verdadero el certificado del par es verificado si proxy_url usa " +"protocolo https" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" +"Si es falso el certificado del par puede contener un nombre de host " +"diferente que el proxy_url cuando se usa el protocolo https" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" +"Ruta al directorio donde está almacenado el certificado de la autoridad de " +"certificación" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" -msgstr "" +msgstr "Ruta al fichero que contiene el certificado CA del servidor" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" -msgstr "" +msgstr "Ruta al fichero que contiene el certificado del cliente" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" -msgstr "" +msgstr "Ruta al fichero que contiene la clave privada del cliente" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Proveedor de identidad" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Proveedor de Autenticación" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Proveedor de control de acceso" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Proveedor de cambio de contraseña" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "Proveedor de SUDO" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Proveedor de Autofs" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "Suministrador de identidad de host" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" -msgstr "" +msgstr "Proveedor SELinux" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" -msgstr "" +msgstr "Proveedor de gestión de sesión" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" -msgstr "" +msgstr "Si el dominio es utilizable por el SO o por las aplicaciones" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "ID mínimo de usuario" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "ID máximo de usuario" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Habilitar la enumeración de todos los usuarios/grupos" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Hacer caché de las credenciales para ingresos fuera de línea" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Guardar los hashes de la contraseña" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Mostrar los usuarios/grupos en un formato completamente calificado" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" -msgstr "" +msgstr "No incluye a los miembros del grupo en las búsquedas de grupo" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Tiempo máximo de una entrada del caché (segundos)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Restringir o preferir una familia de direcciones específica, cuando se " "realicen búsquedas DNS" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "Por cuánto tiempo permitir ingresos cacheados luego del último (días)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" "Cantidad de tiempo (en segundos) a esperar respuestas desde DNS cuando se " "estén resolviendo servidores" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "La sección del dominio de la consulta para descubrir servicios DNS" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "Sustituye valor GID del proveedor de la identidad con este valor" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "Trate al nombre de usuario con mayúsculas y minúsculas" -#: src/config/SSSDConfig/__init__.py.in:182 -msgid "How often should expired entries be refreshed in background" -msgstr "" - #: src/config/SSSDConfig/__init__.py.in:183 -msgid "Whether to automatically update the client's DNS entry" +msgid "How often should expired entries be refreshed in background" msgstr "" +"Frecuencia con la que deberían expirar las entradas refrescada en segundo " +"plano" #: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 -msgid "The TTL to apply to the client's DNS entry after updating it" -msgstr "" +msgid "Whether to automatically update the client's DNS entry" +msgstr "Que actualice automáticamente las entradas del cliente DNS" #: src/config/SSSDConfig/__init__.py.in:185 #: src/config/SSSDConfig/__init__.py.in:207 +msgid "The TTL to apply to the client's DNS entry after updating it" +msgstr "El TTL a aplicar a la entrada del cliente DNS después de actualizarla" + +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "La interfaz cuya IP debería ser utilizada para actualizaciones DNS " "automáticas" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" +"Frecuencia con la que actualizar periódicamente la entrada del cliente DNS" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" +"Si el proveedor debería explícitamente actualizar el registro PTR también" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" -msgstr "" +msgstr "Si la utilidad nsupdate debería utilizar por defecto TCP" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" +"Clase de autenticación que debería ser usada para llevar a cabo una " +"actualización DNS" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" +"Borrar el servidor DNS utilizado para llevar a cabo una actualización DNS" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" -msgstr "" +msgstr "Control de enumeración de los dominios de confianza" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" -msgstr "" +msgstr "Frecuencia con la que la lista de subdominios es refrescada" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" -msgstr "" +msgstr "Lista de las opciones que serían heredadas a un subdominio" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" -msgstr "" +msgstr "Valor homedir del subdominio por defecto" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" +"Cuanto serán usadas las credenciales en cache para la autenticación en cache" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" -msgstr "" +msgstr "Ya sea para crear grupos privados para usuarios" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "Dominio IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Dirección del servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" -msgstr "" +msgstr "Dirección del servidor de respaldo IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Nombre de equipo del cliente IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "Búsqueda base para objetos HBAC" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" "Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" +"La cantidad de tiempo en segundos entre búsquedas de los mapas SELinux " +"contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Si se lo define en 'false', será ignorado el argumento de equipo ofrecido " "por PAM" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "La ubicación de montaje automático que este cliente de IPA está usando" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" +"Buscar base para el objeto que contiene información sobre el dominio IPA" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" +"Buscar base para los objetos que contienen información sobre los rangos ID" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" +"Habilita la localización de sitios DNS en base al servicio de descubrimiento" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" -msgstr "" +msgstr "Buscar base para la visualización de contenedores" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" -msgstr "" +msgstr "Objectclass para visualizar contenedores" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" -msgstr "" +msgstr "Atributo con el nombre de la vista" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" -msgstr "" +msgstr "Objectclass para anular objetos" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" -msgstr "" +msgstr "Atributo con la referencia al objeto original" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" -msgstr "" +msgstr "Objectclass para anular objetos de usuario" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" -msgstr "" +msgstr "Objectclass para anular objetos de grupo" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" -msgstr "" +msgstr "Base de búsqueda para objetos relacionados con Desktop Profile" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" +"La cantidad de tiempo en segundos entre las búsquedas de las reglas Desktop " +"Profile contra el servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" +"La cantidad de tiempo en minutos entre búsquedas de reglas de Desktop " +"Profiles contra el servidor IPA cuando la última petición no ha encontrado " +"ninguna regla" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" -msgstr "" +msgstr "Dominio Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" -msgstr "" +msgstr "Habilitar dominio Active Directory" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" -msgstr "" +msgstr "Dirección del servidor Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" -msgstr "" +msgstr "Dirección del servidor de respaldo Active Directory" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" -msgstr "" +msgstr "Nombre de host del cliente de Active Directory" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "Filtro LDAP para determinar privilegios de acceso" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" -msgstr "" +msgstr "Si se usa Global Catalog para búsquedas" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" -msgstr "" +msgstr "Modo de operación para control de acceso basado en GPO" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" +"La cantidad de tiempo entre búsquedas de los ficheros de política GPO contra " +"el servidor AD" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" +"Servicio de nombres PAM que mapea a los ajustes de política GPO " +"(Deny)InteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" +"Servicio de nombres PAM que mapea a los ajustes de política GPO " +"(Deny)RemoteInteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" +"Servicio de nombres PAM que mapea a los ajustes de política GPO " +"(Deny)NetworkLogonRight" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" +"Servicio de nombres PAM que mapea a los ajustes de política GPO " +"(Deny)BatchLogonRight" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" +"Servicio de nombres PAM que mapea a los ajustes de política GPO " +"(Deny)ServiceLogonRight" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" +"Servicio de nombres PAM por el que el acceso basado en GPO será siempre " +"alcanzado" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" +"Servicio de nombres PAM por el que el acceso basado en GPO será siempre " +"denegado" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" +"Derecho de acceso por defecto (o permitir/denegar) a usar por el servicio de " +"nombres PAM no mapeado" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" -msgstr "" +msgstr "un sitio concreto a ser usado por el cliente" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" +"Edad máxima en días antes de que la cuenta de contraseña debería ser renovada" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" -msgstr "" +msgstr "Opción para afinar la tarea de renovación de la cuenta de la máquina" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Dirección del servidor Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" -msgstr "" +msgstr "Dirección del servidor de respaldo Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Reinado Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Expiración de la autenticación" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" -msgstr "" +msgstr "Si se crean ficheros kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" -msgstr "" +msgstr "Dónde soltar los fragmentos de configuración de krb5" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Directorio donde almacenar las credenciales cacheadas" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Ubicación del caché de credenciales del usuario" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Ubicación de la tabla de claves para validar las credenciales" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Habilitar la validación de credenciales" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" "Si se encuentra desconectado, almacena contraseñas para más tarde realizar " "una autenticación en línea" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "ciclo de vida renovable del TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "ciclo de vida del TGT" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "tiempo entre dos comprobaciones para renovación " -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Habilita FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "Selecciona el principal para su uso por FAST" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "Habilita canonicalización principal" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" -msgstr "" +msgstr "Permite los principios de la empresa" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" +"Un mapeo desde los nombres de usuario a los nombres de principal de Kerberos" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "El servidor en donde está ejecutándose el servicio de modificación de " "contraseña, en caso de no ser KDC. " -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, El URI del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" -msgstr "" +msgstr "ldap_backup_uri, La URI del servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "DN base predeterminado" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "La contraseña ha expirado. Modifíquela en este preciso momento." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "El DN Bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "El tipo del token de autenticación del DN bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "El token de autenticación del DN bind predeterminado" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Tiempo durante el que se intentará la conexión" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "Use solo el caso superior para nombres reales" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Archivo que contiene los certificados CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Ruta hacia un directorio certificado CA" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Fichero que contiene el certificado de cliente" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Fichero que contiene la llave de cliente" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Lista de posibles suites de cifrado" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Requiere la verificación de certificado TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Especificar el mecanismo sasl a usar" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Especifique el id de autorización sasl a usar" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "Especifica el reinado de autorización sasl a ser utilizado" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Especificar los SSF mínimos para autorizaciones sasl de LDAP" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Tabla de clave del servicio Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Usar auth Kerberos para la conexión LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Seguir referencias LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Período de vida del TGT para la conexión LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Como eliminar aliases" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "Nombre de servicio para busquedas de servicios DNS" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "La cantidad de registros a ser obtenidos en una única consulta LDAP" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "La cantidad de miembros que deben faltar para desencadenar una deref completa" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1012,571 +1069,583 @@ msgstr "" "Si la Biblioteca LDAP debería realizar una búsqueda inversa para " "canonicalizar el nombre del host durante un enlace SASL" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "atributo entryUSN" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "atributo lastUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "El período de tiempo máximo para retener una conexión con el servidor LDAP " "antes de desconectar" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "Deshabilita el control de paginación LDAP" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" -msgstr "" +msgstr "Deshabilitar el rango de recuperación Active Directory" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Tiempo máximo a esperar un pedido de búsqueda" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "periodo de espera para solicitud de enumeración" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Tiempo en segundos entre las actualizaciones de enumeración" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "periodo de tiempo entre borrados de la caché" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Requiere TLS para búsquedas de ID" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "" +msgstr "Usar el mapeado ID de objectSID en lugar de las IDs preajustadas" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "DN base para búsquedas de usuario" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Ambito de las búsquedas del usuario" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filtro para las búsquedas del usuario" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objectclass para los usuarios" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Atributo Username" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "Atributo UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Atributo GID primario" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "Atributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Atributo Directorio de inicio" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Atributo shell" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" -msgstr "" +msgstr "Atributo UUID" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" -msgstr "" +msgstr "Atributo objectSID" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" -msgstr "" +msgstr "Atributo primario del grupo Active Directory para el mapeado de ID" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Atributo principal del usuario (para Kerberos) " -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Nombre completo" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "Atributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Atributo hora de modificación" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "atributo shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "atributo shadowMin " -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "atributo shadowMax" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "atributo shadowWarning " -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "atributo shadowInactive " -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "atributo shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "atributo shadowFlag " -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "listado de atributos de servicios PAM autorizados" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "Atributo de listado de equipos de servidor autorizados" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" -msgstr "" +msgstr "Atributo listando los rhosts de los servidores autorizados" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "atributo krbLastPwdChange " -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "atributo krbPasswordExpiration " -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" "atributo indicando que las políticas de contraseña del lado del servidor " "están activas" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "atributo accountExpires de AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "atributo userAccountControl de AD" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "atributo nsAccountLock " -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap atributo de NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "Atributo de clave pública SSH" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" +"atributo listando los tipos de autenticación permitidos para un usuario" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" -msgstr "" +msgstr "atributo conteniendo el certificado X509 del usuario" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" -msgstr "" +msgstr "atributo que contiene la dirección de correo electrónico del usuario" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" +"Una lista de los atributos extra a descargar junto con la entrada del usuario" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "DN base para busqueda de grupos" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "clase objeto para" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Nombre del grupo" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Contraseña del grupo" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "Atributo GID" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "Atributo de miembro del grupo" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" -msgstr "" +msgstr "Atributo UUID de grupo" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "Atributo de modificación de tiempo para los grupos" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" -msgstr "" +msgstr "Tipo del grupo y otras banderas" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" -msgstr "" +msgstr "Atributo de miembro de grupo externo LDAP" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" -msgstr "" +msgstr "Máximo nivel de anidamiento que seguirá SSSD" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "DN base para búsquedas de grupos de red" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "Clases de objetos para grupos de red" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "Nombre de grupo de red" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "Atributo de miembros de grupos de red" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "Atributo triple de grupo de red" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "Atributo de modificación de tiempo para grupos de red" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "Base DN para servicio de búsquedas" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "Clase de objeto para servicio" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "Atributo de nombre de servicio" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "Atributo de puerto de servicio" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "Atributo de protocolo de servidor" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" -msgstr "" +msgstr "Límite más bajo para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" -msgstr "" +msgstr "Límite más alto para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" -msgstr "" +msgstr "Número de IDs por cada trozo cuando se mapean ID" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" -msgstr "" +msgstr "Usar el algoritmo compatible con autorid para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" -msgstr "" +msgstr "Nombre del dominio por defecto para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" -msgstr "" +msgstr "SID del dominio por defecto para el mapeo de ID" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" -msgstr "" +msgstr "Número de trozos secundarios" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "" +msgstr "DN base para busqueda de grupos" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "" +msgstr "DN base para búsquedas de grupos de red" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" -msgstr "" +msgstr "Si usar Token-Groups" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" -msgstr "" +msgstr "Fijar el límite más bajo de IDs permitidas desde el servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" +"Fijar el límite más alto para las IDs permitidas desde el servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" -msgstr "" +msgstr "DN para consultas ppolicy" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" -msgstr "" +msgstr "Máximas entradas a recuperar durante una solicitud de comodín" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Política para evaluar el vencimiento de la contraseña" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Los atributos que deberán ser utilizados para evaluar si una cuenta ha " "expirado" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "Las reglas que deberían ser utilizadas para evaluar control de acceso" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" "URI de un servidor LDAP donde se permite la modificación de contraseñas" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" +"URI de un servidor de respaldo LDAP donde están permitidos los cambios de " +"contraseña" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" "Nombre del servicio DNS para el servidor de modificación de contraseñas LDAP" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" +"Si actualizar el atributo ldap_user_shadow_last_change después de un cambio " +"de contraseña" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "Base DN para búsquedas de reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" -msgstr "" +msgstr "Período de refresco total automático" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" -msgstr "" +msgstr "Período de refresco inteligente automático" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" -msgstr "" +msgstr "Si filtrar la reglas por nombre de host, direcciones IP y red" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" +"Nombres de host y/o nombres de dominio totalmente cualificado de esta " +"máquina para filtrar las reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" -msgstr "" +msgstr "Direcciones o red IPv4 o IPv6 de esta máquina para filtrar reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" -msgstr "" +msgstr "Si incluir reglas que contienen netgroup en el atributo de host" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" +"Si incluir reglas que contengan expresiones regulares en el atributo de host" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "Objeto clase para reglas sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "Nombre de regla sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "Atributo de regla de comando sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "Atributo de la regla host de sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "Atributo de la regla usuario de sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "Atributo de la regla opción de sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" -msgstr "" +msgstr "Atributo runas de regla sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "Atributo de la regla suda runasuser" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "Atributo de regla runasgroup de sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "Atributo de regla notbefore de sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "Atributo de regla noafter de sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "Atributo de regla orden de sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "Objeto clase para mapas automontador" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "Atributo de nombre de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "Objeto clase para entradas de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "Atributo de clave de entrada para mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "Atributo de valor de entrada para mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "Base DN para búsquedas de mapa de automontador" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Lista separada por comas de usuarios autorizados" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Lista separada por comas de usuarios prohibidos" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Shell predeterminado, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Base de los directorios de inicio" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." -msgstr "" +msgstr "Número de hijos proxy prefabricados" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "Nombre de la biblioteca NSS a usar" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" -msgstr "" +msgstr "Si buscar el nombre canónico del grupo desde el cache si es posible" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Pila PAM a usar" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." -msgstr "" +msgstr "Ruta de las fuentes del fichero passwd" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." -msgstr "" +msgstr "Ruta de las fuentes del fichero group" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Convertirse en demonio (predeterminado)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Ejecutarse en forma interactiva (no un demonio)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" -msgstr "" +msgstr "Deshabilitar el interfaz netlink" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Indicar un archivo de configuración diferente al predeterminado" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" -msgstr "" +msgstr "Refrescar la base de datos de configuración, después salir" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Muestra el número de versión y finaliza" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" -msgstr "" +msgstr "SSSD ya está corriendo\n" #: src/providers/krb5/krb5_child.c:3216 src/providers/ldap/ldap_child.c:605 msgid "Debug level" @@ -1596,43 +1665,43 @@ msgstr "Un arhivo abierto de descriptor para los registros de depuración" #: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." -msgstr "" +msgstr "Enviar la salida de depuración a stderr directamente." #: src/providers/krb5/krb5_child.c:3228 msgid "The user to create FAST ccache as" -msgstr "" +msgstr "El usuario para crear FAST ccache como" #: src/providers/krb5/krb5_child.c:3230 msgid "The group to create FAST ccache as" -msgstr "" +msgstr "El grupo para crear FAST ccache como" #: src/providers/krb5/krb5_child.c:3232 msgid "Kerberos realm to use" -msgstr "" +msgstr "Reino Kerberos a usar" #: src/providers/krb5/krb5_child.c:3234 msgid "Requested lifetime of the ticket" -msgstr "" +msgstr "Tiempo de vida pedido del ticket" #: src/providers/krb5/krb5_child.c:3236 msgid "Requested renewable lifetime of the ticket" -msgstr "" +msgstr "Teimpo de vida renovable pedido del ticket" #: src/providers/krb5/krb5_child.c:3238 msgid "FAST options ('never', 'try', 'demand')" -msgstr "" +msgstr "Opciones FAST ('never', 'try', 'demand')" #: src/providers/krb5/krb5_child.c:3241 msgid "Specifies the server principal to use for FAST" -msgstr "" +msgstr "Especifica el servidor principal a usar por FAST" #: src/providers/krb5/krb5_child.c:3243 msgid "Requests canonicalization of the principal name" -msgstr "" +msgstr "Solicita la canonización del nombre principal" #: src/providers/krb5/krb5_child.c:3245 msgid "Use custom version of krb5_get_init_creds_password" -msgstr "" +msgstr "Usar versión personal de krb5_get_init_creds_password" #: src/providers/data_provider_be.c:556 msgid "Domain of the information provider (mandatory)" @@ -1665,7 +1734,7 @@ msgstr "" #: src/sss_client/pam_sss.c:76 msgid "Permission denied. " -msgstr "" +msgstr "Permiso denegado." #: src/sss_client/pam_sss.c:77 src/sss_client/pam_sss.c:782 #: src/sss_client/pam_sss.c:793 @@ -1691,12 +1760,12 @@ msgstr ", su contraseña cacheada vencerá el:" #: src/sss_client/pam_sss.c:560 #, c-format msgid "Your password has expired. You have %1$d grace login(s) remaining." -msgstr "" +msgstr "Su contraseña ha expirado. Usted tiene %1$d accesos restantes." #: src/sss_client/pam_sss.c:606 #, c-format msgid "Your password will expire in %1$d %2$s." -msgstr "" +msgstr "Su contraseña expirará en %1$d %2$s." #: src/sss_client/pam_sss.c:655 msgid "Authentication is denied until: " @@ -1711,6 +1780,8 @@ msgid "" "After changing the OTP password, you need to log out and back in order to " "acquire a ticket" msgstr "" +"Después de cambiar la contraseña OTP, usted debe salir y volver a entrar con " +"el objetivo de fijarla" #: src/sss_client/pam_sss.c:779 src/sss_client/pam_sss.c:792 msgid "Password change failed. " @@ -1726,15 +1797,15 @@ msgstr "Reingrese la contraseña nueva:" #: src/sss_client/pam_sss.c:2039 src/sss_client/pam_sss.c:2042 msgid "First Factor: " -msgstr "" +msgstr "Primer Factor: " #: src/sss_client/pam_sss.c:2040 src/sss_client/pam_sss.c:2202 msgid "Second Factor (optional): " -msgstr "" +msgstr "Segundo Factor (opcional): " #: src/sss_client/pam_sss.c:2043 src/sss_client/pam_sss.c:2205 msgid "Second Factor: " -msgstr "" +msgstr "Segundo Factor:" #: src/sss_client/pam_sss.c:2058 msgid "Password: " @@ -1742,7 +1813,7 @@ msgstr "Contraseña: " #: src/sss_client/pam_sss.c:2201 src/sss_client/pam_sss.c:2204 msgid "First Factor (Current Password): " -msgstr "" +msgstr "Primer Factor (Contraseña Actual): " #: src/sss_client/pam_sss.c:2208 msgid "Current Password: " @@ -1757,7 +1828,7 @@ msgstr "La contraseña ha expirado. Modifíquela en este preciso momento." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Nivel de depuración en que se debe ejecutar" @@ -1770,7 +1841,7 @@ msgstr "El dominio SSSD a usar" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Error al poner la región\n" @@ -1796,7 +1867,7 @@ msgstr "" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 msgid "Invalid port\n" -msgstr "" +msgstr "Puerto no válido\n" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:257 msgid "Host not specified\n" @@ -1887,7 +1958,7 @@ msgstr "Los grupos deben estar en el mismo dominio que el usuario\n" #: src/tools/sss_useradd.c:159 #, c-format msgid "Cannot find group %1$s in local domain\n" -msgstr "" +msgstr "No se puede encontrar el grupo %1$s en el dominio local\n" #: src/tools/sss_useradd.c:174 src/tools/sss_userdel.c:219 msgid "Cannot set default values\n" @@ -1914,12 +1985,12 @@ msgstr "" #: src/tools/sss_useradd.c:239 #, c-format msgid "Cannot create user's home directory: %1$s\n" -msgstr "" +msgstr "No se puede crear el directorio home del usuario: %1$s\n" #: src/tools/sss_useradd.c:250 #, c-format msgid "Cannot create user's mail spool: %1$s\n" -msgstr "" +msgstr "No puede crear la cuenta de correo del usuario: %1$s\n" #: src/tools/sss_useradd.c:270 msgid "Could not allocate ID for the user - domain full?\n" @@ -1964,7 +2035,7 @@ msgstr "Especifique el grupo a borrar\n" #: src/tools/sss_groupdel.c:104 #, c-format msgid "Group %1$s is outside the defined ID range for domain\n" -msgstr "" +msgstr "El grupo %1$s está fuera del rango de ID definidas para el dominio\n" #: src/tools/sss_groupdel.c:119 src/tools/sss_groupmod.c:225 #: src/tools/sss_groupmod.c:232 src/tools/sss_groupmod.c:239 @@ -1973,6 +2044,7 @@ msgstr "" #, c-format msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n" msgstr "" +"Petición NSS fallo (%1$d). La entrada debe permanecer en la memoria cache.\n" #: src/tools/sss_groupdel.c:132 msgid "" @@ -2022,6 +2094,8 @@ msgid "" "Cannot find group %1$s in local domain, only groups in local domain are " "allowed\n" msgstr "" +"No se puede encontrar el grupo %1$s en el dominio local, solo están " +"permitidos grupos en el dominio local\n" #: src/tools/sss_groupmod.c:257 msgid "Could not modify group - check if member group names are correct\n" @@ -2041,7 +2115,7 @@ msgstr "Error de transacción. No se pudo modificar el grupo.\n" #: src/tools/sss_groupshow.c:615 #, c-format msgid "%1$s%2$sGroup: %3$s\n" -msgstr "" +msgstr "%1$s%2$sGroup: %3$s\n" #: src/tools/sss_groupshow.c:616 msgid "Magic Private " @@ -2050,12 +2124,12 @@ msgstr "Magia privada" #: src/tools/sss_groupshow.c:618 #, c-format msgid "%1$sGID number: %2$d\n" -msgstr "" +msgstr "%1$sGID número: %2$d\n" #: src/tools/sss_groupshow.c:620 #, c-format msgid "%1$sMember users: " -msgstr "" +msgstr "%1$sMember usuarios: " #: src/tools/sss_groupshow.c:627 #, c-format @@ -2063,6 +2137,8 @@ msgid "" "\n" "%1$sIs a member of: " msgstr "" +"\n" +"%1$sIs un miembro de: " #: src/tools/sss_groupshow.c:634 #, c-format @@ -2070,6 +2146,8 @@ msgid "" "\n" "%1$sMember groups: " msgstr "" +"\n" +"%1$sMember grupos: " #: src/tools/sss_groupshow.c:670 msgid "Print indirect group members recursively" @@ -2114,7 +2192,7 @@ msgstr "Especifique el usuario a borrar\n" #: src/tools/sss_userdel.c:234 #, c-format msgid "User %1$s is outside the defined ID range for domain\n" -msgstr "" +msgstr "El usuario %1$s está fuera del rango de ID definido para el dominio\n" #: src/tools/sss_userdel.c:259 msgid "Cannot reset SELinux login context\n" @@ -2124,6 +2202,8 @@ msgstr "No es posible reiniciar contexto de registro de SELinux\n" #, c-format msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n" msgstr "" +"PRECAUCIÓN: El usuario (uid %1$lu) estaba todavía conectado cuando se " +"borró.\n" #: src/tools/sss_userdel.c:276 msgid "Cannot determine if the user was logged in on this platform" @@ -2137,7 +2217,7 @@ msgstr "Error mientras se verificaba si el usuario se encontraba registrado\n" #: src/tools/sss_userdel.c:288 #, c-format msgid "The post-delete command failed: %1$s\n" -msgstr "" +msgstr "El comando post-delete falló: %1$s\n" #: src/tools/sss_userdel.c:308 msgid "Not removing home dir - not owned by user\n" @@ -2146,7 +2226,7 @@ msgstr "No eliminando el directorio de inicio - no pertenece al usuario\n" #: src/tools/sss_userdel.c:310 #, c-format msgid "Cannot remove homedir: %1$s\n" -msgstr "" +msgstr "No se puede borrar homedir: %1$s\n" #: src/tools/sss_userdel.c:324 msgid "" @@ -2181,22 +2261,25 @@ msgstr "Desbloquear la cuenta" #: src/tools/sss_usermod.c:57 msgid "Add an attribute/value pair. The format is attrname=value." -msgstr "" +msgstr "Añadir un par atributo/valor. El formato es nombre_atributo=valor." #: src/tools/sss_usermod.c:58 msgid "Delete an attribute/value pair. The format is attrname=value." -msgstr "" +msgstr "Borrar un par atributo/valor. El formato es nombre_atributo=valor." #: src/tools/sss_usermod.c:59 msgid "" "Set an attribute to a name/value pair. The format is attrname=value. For " "multi-valued attributes, the command replaces the values already present" msgstr "" +"Fijar un atributo para un par nombre/valor. El formato es " +"nombre_atributo=valor. Para atributos con múltiples valores, el comando " +"reemplaza el valor ya presente" #: src/tools/sss_usermod.c:117 src/tools/sss_usermod.c:126 #: src/tools/sss_usermod.c:135 msgid "Specify the attribute name/value pair(s)\n" -msgstr "" +msgstr "Especifique el par(es) nombre/valor\n" #: src/tools/sss_usermod.c:152 msgid "Specify user to modify\n" @@ -2225,109 +2308,115 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Error de transacción. No se pudo modificar el usuario.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" +"No hay objetos en el cache que coincidan con la búsqueda especificada\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" -msgstr "" +msgstr "No podría invalidar %1$s\n" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" -msgstr "" +msgstr "No podría invalidar %1$s %2$s\n" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" -msgstr "" +msgstr "Invalidar todas las entradas en el cache" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Usuario particular invalidado" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Todos los usuarios invalidados" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" -msgstr "" +msgstr "Invalidar grupo concreto" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" -msgstr "" +msgstr "Invalidar todos los grupos" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" -msgstr "" +msgstr "Invalidar un grupo de red concreto" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" -msgstr "" +msgstr "Invalidar todos los grupos de red" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" -msgstr "" +msgstr "Invalidar un servicio concreto" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" -msgstr "" +msgstr "Invalidar todos los servicios" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" -msgstr "" +msgstr "Invalidar mapa autofs concreto" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" -msgstr "" +msgstr "Invalidar todos los mapas autofs" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" -msgstr "" +msgstr "Invalidar SSH host concreto" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" -msgstr "" +msgstr "Invalidar todos los hosts SSH" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" -msgstr "" +msgstr "Invalidar una regla sudo concreta" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" -msgstr "" +msgstr "Invalidar todas las reglas sudo cacheadas" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" -msgstr "" +msgstr "Solo invalidar las entradas de un dominio concreto" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" +"Se han suministrado argumento(s) no esperado, opciones que invalidan un " +"único objeto solo aceptan que se les suministre un único argumento.\n" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" -msgstr "" +msgstr "Por favor seleccione al menos un objeto par invalidar\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" +"No podría abrir el dominio %1$s. Si el dominio es un subdominio (dominio " +"confiable), use el nombre totalmente cualificado en lugar de --domain/-d " +"parametro.\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" -msgstr "" +msgstr "No podría abrir los dominios disponibles\n" #: src/tools/tools_util.c:202 #, c-format msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n" -msgstr "" +msgstr "El nombre '%1$s' no parece ser FQDN ('%2$s = TRUE' está fijado)\n" #: src/tools/tools_util.c:309 msgid "Out of memory\n" @@ -2336,110 +2425,110 @@ msgstr "Falta memoria\n" #: src/tools/tools_util.h:40 #, c-format msgid "%1$s must be run as root\n" -msgstr "" +msgstr "%1$s debe ser ejecutado como root\n" #: src/tools/sssctl/sssctl.c:35 msgid "yes" -msgstr "" +msgstr "si" #: src/tools/sssctl/sssctl.c:37 msgid "no" -msgstr "" +msgstr "no" #: src/tools/sssctl/sssctl.c:39 msgid "error" -msgstr "" +msgstr "error" #: src/tools/sssctl/sssctl.c:42 msgid "Invalid result." -msgstr "" +msgstr "Resultado no válido." #: src/tools/sssctl/sssctl.c:78 #, c-format msgid "Unable to read user input\n" -msgstr "" +msgstr "Incapaz de leer la entrada del usuario\n" #: src/tools/sssctl/sssctl.c:91 #, c-format msgid "Invalid input, please provide either '%s' or '%s'.\n" -msgstr "" +msgstr "Entrada no válida, por favor suministre bien '%s' o bien '%s'.\n" #: src/tools/sssctl/sssctl.c:109 src/tools/sssctl/sssctl.c:114 #, c-format msgid "Error while executing external command\n" -msgstr "" +msgstr "Error mientras se ejecutaba comando externo\n" #: src/tools/sssctl/sssctl.c:156 msgid "SSSD needs to be running. Start SSSD now?" -msgstr "" +msgstr "SSSD necesita estar corriendo. ¿Arrancar SSSD ahora?" #: src/tools/sssctl/sssctl.c:195 msgid "SSSD must not be running. Stop SSSD now?" -msgstr "" +msgstr "SSSD no debe estar corriendo. ¿Parar SSSD ahora?" #: src/tools/sssctl/sssctl.c:231 msgid "SSSD needs to be restarted. Restart SSSD now?" -msgstr "" +msgstr "SSSD necesita ser reiniciado. ¿Reiniciar SSSD ahora?" #: src/tools/sssctl/sssctl_cache.c:31 #, c-format msgid " %s is not present in cache.\n" -msgstr "" +msgstr " %s no está presente en cache.\n" #: src/tools/sssctl/sssctl_cache.c:33 msgid "Name" -msgstr "" +msgstr "Nombre" #: src/tools/sssctl/sssctl_cache.c:34 msgid "Cache entry creation date" -msgstr "" +msgstr "Fecha de creación de la entrada cache" #: src/tools/sssctl/sssctl_cache.c:35 msgid "Cache entry last update time" -msgstr "" +msgstr "Última hora de actualización de la entrada cache" #: src/tools/sssctl/sssctl_cache.c:36 msgid "Cache entry expiration time" -msgstr "" +msgstr "Tiempo de expiración de la entrada cache" #: src/tools/sssctl/sssctl_cache.c:37 msgid "Cached in InfoPipe" -msgstr "" +msgstr "Cached en InfoPipe" #: src/tools/sssctl/sssctl_cache.c:512 #, c-format msgid "Error: Unable to get object [%d]: %s\n" -msgstr "" +msgstr "Error: Incapaz para obtener objeto [%d]: %s\n" #: src/tools/sssctl/sssctl_cache.c:528 #, c-format msgid "%s: Unable to read value [%d]: %s\n" -msgstr "" +msgstr "%s: Incapaz de leer el valor [%d]: %s\n" #: src/tools/sssctl/sssctl_cache.c:556 msgid "Specify name." -msgstr "" +msgstr "Especificar nombre." #: src/tools/sssctl/sssctl_cache.c:566 #, c-format msgid "Unable to parse name %s.\n" -msgstr "" +msgstr "Incapaz de analizar el nombre %s.\n" #: src/tools/sssctl/sssctl_cache.c:592 src/tools/sssctl/sssctl_cache.c:639 msgid "Search by SID" -msgstr "" +msgstr "Búsqueda por SID" #: src/tools/sssctl/sssctl_cache.c:593 msgid "Search by user ID" -msgstr "" +msgstr "Búsqueda por ID de usuario" #: src/tools/sssctl/sssctl_cache.c:602 msgid "Initgroups expiration time" -msgstr "" +msgstr "Tiempo de expiración de Initgroups" #: src/tools/sssctl/sssctl_cache.c:640 msgid "Search by group ID" -msgstr "" +msgstr "Búsqueda por ID de grupo" #: src/tools/sssctl/sssctl_config.c:67 #, c-format @@ -2447,219 +2536,227 @@ msgid "" "File %1$s does not exist. SSSD will use default configuration with files " "provider.\n" msgstr "" +"Fichero %1$s no existe. SSSD usará la configuración predeterminada con " +"ficheros del suministrador.\n" #: src/tools/sssctl/sssctl_config.c:81 #, c-format msgid "" "File ownership and permissions check failed. Expected root:root and 0600.\n" msgstr "" +"La propiedad del fichero y la comprobación de permisos fallaron. Se esperaba " +"root:root y 0600.\n" #: src/tools/sssctl/sssctl_config.c:104 #, c-format msgid "Issues identified by validators: %zu\n" -msgstr "" +msgstr "Cuestiones identificadas por los validadores: %zu\n" #: src/tools/sssctl/sssctl_config.c:114 #, c-format msgid "Messages generated during configuration merging: %zu\n" -msgstr "" +msgstr "Mensajes generados durante la configuración de la fusión: %zu\n" #: src/tools/sssctl/sssctl_config.c:127 #, c-format msgid "Used configuration snippet files: %u\n" -msgstr "" +msgstr "Configuración usada retazos de ficheros: %u\n" #: src/tools/sssctl/sssctl_data.c:89 #, c-format msgid "Unable to create backup directory [%d]: %s" -msgstr "" +msgstr "Incapaz de crear el directorio de respaldo [%d]: %s" #: src/tools/sssctl/sssctl_data.c:95 msgid "SSSD backup of local data already exists, override?" -msgstr "" +msgstr "Respaldo SSSD de datos locales ya existe, ¿anular?" #: src/tools/sssctl/sssctl_data.c:111 #, c-format msgid "Unable to export user overrides\n" -msgstr "" +msgstr "Incapaz de exportar usuarios anulados\n" #: src/tools/sssctl/sssctl_data.c:118 #, c-format msgid "Unable to export group overrides\n" -msgstr "" +msgstr "Incapaz de exportar grupos anulados\n" #: src/tools/sssctl/sssctl_data.c:134 src/tools/sssctl/sssctl_data.c:217 msgid "Override existing backup" -msgstr "" +msgstr "Anular respaldo existente" #: src/tools/sssctl/sssctl_data.c:164 #, c-format msgid "Unable to import user overrides\n" -msgstr "" +msgstr "Incapaz de importar usuario anulado\n" #: src/tools/sssctl/sssctl_data.c:173 #, c-format msgid "Unable to import group overrides\n" -msgstr "" +msgstr "Incapaz de importar grupo anulado\n" #: src/tools/sssctl/sssctl_data.c:194 src/tools/sssctl/sssctl_domains.c:74 #: src/tools/sssctl/sssctl_domains.c:339 msgid "Start SSSD if it is not running" -msgstr "" +msgstr "Arrancar SSSD si no está corriendo" #: src/tools/sssctl/sssctl_data.c:195 msgid "Restart SSSD after data import" -msgstr "" +msgstr "Reiniciar SSSD después de la importación de datos" #: src/tools/sssctl/sssctl_data.c:218 msgid "Create clean cache files and import local data" -msgstr "" +msgstr "Crear limpiar ficheros cache e importar datos locales" #: src/tools/sssctl/sssctl_data.c:219 msgid "Stop SSSD before removing the cache" -msgstr "" +msgstr "Para SSSD antes de borrar el cache" #: src/tools/sssctl/sssctl_data.c:220 msgid "Start SSSD when the cache is removed" -msgstr "" +msgstr "Iniciar SSSD cuando se haya borrado el cache" #: src/tools/sssctl/sssctl_data.c:235 #, c-format msgid "Creating backup of local data...\n" -msgstr "" +msgstr "Creando respaldo de los datos locales...\n" #: src/tools/sssctl/sssctl_data.c:238 #, c-format msgid "Unable to create backup of local data, can not remove the cache.\n" msgstr "" +"Incapaz de crear el respaldo de los datos locales, no se puede quitar el " +"cache.\n" #: src/tools/sssctl/sssctl_data.c:243 #, c-format msgid "Removing cache files...\n" -msgstr "" +msgstr "Borrando los ficheros del cache...\n" #: src/tools/sssctl/sssctl_data.c:246 #, c-format msgid "Unable to remove cache files\n" -msgstr "" +msgstr "Incapaz de borrar ficheros en cache\n" #: src/tools/sssctl/sssctl_data.c:251 #, c-format msgid "Restoring local data...\n" -msgstr "" +msgstr "Restaurando datos locales...\n" #: src/tools/sssctl/sssctl_domains.c:75 msgid "Show domain list including primary or trusted domain type" msgstr "" +"Muestra la lista de dominio incluyendo los tipos de dominios primarios y de " +"confianza" #: src/tools/sssctl/sssctl_domains.c:156 #, c-format msgid "Online status: %s\n" -msgstr "" +msgstr "Estado en línea: %s\n" #: src/tools/sssctl/sssctl_domains.c:156 msgid "Online" -msgstr "" +msgstr "En línea" #: src/tools/sssctl/sssctl_domains.c:156 msgid "Offline" -msgstr "" +msgstr "Fuera de línea" #: src/tools/sssctl/sssctl_domains.c:214 #, c-format msgid "Active servers:\n" -msgstr "" +msgstr "Servidores activos:\n" #: src/tools/sssctl/sssctl_domains.c:231 msgid "not connected" -msgstr "" +msgstr "no conectado" #: src/tools/sssctl/sssctl_domains.c:278 #, c-format msgid "Discovered %s servers:\n" -msgstr "" +msgstr "Descubiertos %s servidores:\n" #: src/tools/sssctl/sssctl_domains.c:296 msgid "None so far.\n" -msgstr "" +msgstr "Ninguno tan lejos.\n" #: src/tools/sssctl/sssctl_domains.c:336 msgid "Show online status" -msgstr "" +msgstr "Mostrar el estado en línea" #: src/tools/sssctl/sssctl_domains.c:337 msgid "Show information about active server" -msgstr "" +msgstr "Mostrar información sobre el servidor activo" #: src/tools/sssctl/sssctl_domains.c:338 msgid "Show list of discovered servers" -msgstr "" +msgstr "Mostrar la lista de servidores descubiertos" #: src/tools/sssctl/sssctl_domains.c:344 msgid "Specify domain name." -msgstr "" +msgstr "Especificar el nombre de dominio." #: src/tools/sssctl/sssctl_domains.c:360 #, c-format msgid "Out of memory!\n" -msgstr "" +msgstr "¡Fuera de memoria!\n" #: src/tools/sssctl/sssctl_domains.c:377 src/tools/sssctl/sssctl_domains.c:387 #, c-format msgid "Unable to get online status\n" -msgstr "" +msgstr "Incapaz de obtener el estado en línea\n" #: src/tools/sssctl/sssctl_domains.c:397 #, c-format msgid "Unable to get server list\n" -msgstr "" +msgstr "Incapaz de obtener la lista de servidores\n" #: src/tools/sssctl/sssctl_logs.c:47 msgid "\n" -msgstr "" +msgstr "\n" #: src/tools/sssctl/sssctl_logs.c:237 msgid "Delete log files instead of truncating" -msgstr "" +msgstr "Borrar los ficheros de registro en lugar de dividirlos" #: src/tools/sssctl/sssctl_logs.c:248 #, c-format msgid "Deleting log files...\n" -msgstr "" +msgstr "Borrando ficheros de registro...\n" #: src/tools/sssctl/sssctl_logs.c:251 #, c-format msgid "Unable to remove log files\n" -msgstr "" +msgstr "Incapaz de borrar los ficheros de registro\n" #: src/tools/sssctl/sssctl_logs.c:257 #, c-format msgid "Truncating log files...\n" -msgstr "" +msgstr "Truncando ficheros de registro...\n" #: src/tools/sssctl/sssctl_logs.c:260 #, c-format msgid "Unable to truncate log files\n" -msgstr "" +msgstr "Incapaz de truncar los ficheros de registro\n" #: src/tools/sssctl/sssctl_logs.c:286 #, c-format msgid "Out of memory!" -msgstr "" +msgstr "¡Fuera de memoria!" #: src/tools/sssctl/sssctl_logs.c:289 #, c-format msgid "Archiving log files into %s...\n" -msgstr "" +msgstr "Archivando ficheros de registro en %s...\n" #: src/tools/sssctl/sssctl_logs.c:292 #, c-format msgid "Unable to archive log files\n" -msgstr "" +msgstr "Incapaz de archivar los ficheros de registro\n" #: src/tools/sssctl/sssctl_logs.c:317 msgid "Specify debug level you want to set" -msgstr "" +msgstr "Especifique el nivel de depuración que desea fijar" #: src/tools/sssctl/sssctl_sifp.c:28 msgid "" @@ -2668,74 +2765,74 @@ msgid "" msgstr "" #: src/tools/sssctl/sssctl_user_checks.c:91 -#, c-format +#, fuzzy, c-format msgid "Unable to connect to the InfoPipe" -msgstr "" +msgstr "Incapaz de truncar los ficheros de registro\n" #: src/tools/sssctl/sssctl_user_checks.c:97 -#, c-format +#, fuzzy, c-format msgid "Unable to get user object" -msgstr "" +msgstr "Incapaz de obtener la lista de servidores\n" #: src/tools/sssctl/sssctl_user_checks.c:101 #, c-format msgid "SSSD InfoPipe user lookup result:\n" -msgstr "" +msgstr "SSSD InfoPipe resultado de la búsqueda de usuario:\n" #: src/tools/sssctl/sssctl_user_checks.c:113 -#, c-format +#, fuzzy, c-format msgid "Unable to get user name attr" -msgstr "" +msgstr "Incapaz de obtener la lista de servidores\n" #: src/tools/sssctl/sssctl_user_checks.c:146 #, c-format msgid "dlopen failed with [%s].\n" -msgstr "" +msgstr "dlopen falló con [%s].\n" #: src/tools/sssctl/sssctl_user_checks.c:153 #, c-format msgid "dlsym failed with [%s].\n" -msgstr "" +msgstr "dlsym falló con with [%s].\n" #: src/tools/sssctl/sssctl_user_checks.c:161 #, c-format msgid "malloc failed.\n" -msgstr "" +msgstr "malloc falló.\n" #: src/tools/sssctl/sssctl_user_checks.c:168 #, c-format msgid "sss_getpwnam_r failed with [%d].\n" -msgstr "" +msgstr "sss_getpwnam_r falló con [%d].\n" #: src/tools/sssctl/sssctl_user_checks.c:173 #, c-format msgid "SSSD nss user lookup result:\n" -msgstr "" +msgstr "Resultado de la búsqueda de usuario SSSD nss:\n" #: src/tools/sssctl/sssctl_user_checks.c:174 #, c-format msgid " - user name: %s\n" -msgstr "" +msgstr " - nombre de usuario: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:175 #, c-format msgid " - user id: %d\n" -msgstr "" +msgstr " - id de usuario: %d\n" #: src/tools/sssctl/sssctl_user_checks.c:176 #, c-format msgid " - group id: %d\n" -msgstr "" +msgstr " - id de grupo: %d\n" #: src/tools/sssctl/sssctl_user_checks.c:177 #, c-format msgid " - gecos: %s\n" -msgstr "" +msgstr " - gecos: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:178 #, c-format msgid " - home directory: %s\n" -msgstr "" +msgstr " - directorio home: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:179 #, c-format @@ -2743,18 +2840,20 @@ msgid "" " - shell: %s\n" "\n" msgstr "" +" - shell: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:211 msgid "PAM action [auth|acct|setc|chau|open|clos], default: " -msgstr "" +msgstr "Acción PAM [auth|acct|setc|chau|open|clos], predeterminada: " #: src/tools/sssctl/sssctl_user_checks.c:214 msgid "PAM service, default: " -msgstr "" +msgstr "Servicio PAM, predeterminado: " #: src/tools/sssctl/sssctl_user_checks.c:219 msgid "Specify user name." -msgstr "" +msgstr "Especificar nombre de usuario." #: src/tools/sssctl/sssctl_user_checks.c:226 #, c-format @@ -2764,21 +2863,25 @@ msgid "" "service: %s\n" "\n" msgstr "" +"usuario: %s\n" +"acción: %s\n" +"servicio: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:232 #, c-format msgid "User name lookup with [%s] failed.\n" -msgstr "" +msgstr "Búsqueda de nombre de usuario con [%s] falló.\n" #: src/tools/sssctl/sssctl_user_checks.c:237 #, c-format msgid "InfoPipe User lookup with [%s] failed.\n" -msgstr "" +msgstr "Búsqueda de Usuario InfoPipe con [%s] falló.\n" #: src/tools/sssctl/sssctl_user_checks.c:244 #, c-format msgid "pam_start failed: %s\n" -msgstr "" +msgstr "pam_start falló: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:249 #, c-format @@ -2786,11 +2889,13 @@ msgid "" "testing pam_authenticate\n" "\n" msgstr "" +"probando pam_authenticate\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:253 #, c-format msgid "pam_get_item failed: %s\n" -msgstr "" +msgstr "pam_get_item falló: %s\n" #: src/tools/sssctl/sssctl_user_checks.c:257 #, c-format @@ -2798,6 +2903,8 @@ msgid "" "pam_authenticate for user [%s]: %s\n" "\n" msgstr "" +"pam_authenticate para usuario [%s]: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:260 #, c-format @@ -2805,6 +2912,8 @@ msgid "" "testing pam_chauthtok\n" "\n" msgstr "" +"probando pam_chauthtok\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:262 #, c-format @@ -2812,6 +2921,8 @@ msgid "" "pam_chauthtok: %s\n" "\n" msgstr "" +"pam_chauthtok: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:264 #, c-format @@ -2819,6 +2930,8 @@ msgid "" "testing pam_acct_mgmt\n" "\n" msgstr "" +"probando pam_acct_mgmt\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:266 #, c-format @@ -2826,6 +2939,8 @@ msgid "" "pam_acct_mgmt: %s\n" "\n" msgstr "" +"pam_acct_mgmt: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:268 #, c-format @@ -2833,6 +2948,8 @@ msgid "" "testing pam_setcred\n" "\n" msgstr "" +"probando pam_setcred\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:270 #, c-format @@ -2840,6 +2957,8 @@ msgid "" "pam_setcred: [%s]\n" "\n" msgstr "" +"pam_setcred: [%s]\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:272 #, c-format @@ -2847,6 +2966,8 @@ msgid "" "testing pam_open_session\n" "\n" msgstr "" +"probando pam_open_session\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:274 #, c-format @@ -2854,6 +2975,8 @@ msgid "" "pam_open_session: %s\n" "\n" msgstr "" +"pam_open_session: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:276 #, c-format @@ -2861,6 +2984,8 @@ msgid "" "testing pam_close_session\n" "\n" msgstr "" +"probando pam_close_session\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:278 #, c-format @@ -2868,34 +2993,36 @@ msgid "" "pam_close_session: %s\n" "\n" msgstr "" +"pam_close_session: %s\n" +"\n" #: src/tools/sssctl/sssctl_user_checks.c:281 #, c-format msgid "unknown action\n" -msgstr "" +msgstr "acción desconocida\n" #: src/tools/sssctl/sssctl_user_checks.c:284 #, c-format msgid "PAM Environment:\n" -msgstr "" +msgstr "Entorno PAM:\n" #: src/tools/sssctl/sssctl_user_checks.c:292 #, c-format msgid " - no env -\n" -msgstr "" +msgstr " - no env -\n" #: src/util/util.h:75 msgid "The user ID to run the server as" -msgstr "" +msgstr "La ID de usuario para ejecutar el servidor como" #: src/util/util.h:77 msgid "The group ID to run the server as" -msgstr "" +msgstr "La ID de grupo para ejecutar el servidor como" #: src/util/util.h:85 msgid "Informs that the responder has been socket-activated" -msgstr "" +msgstr "Informa que el contestador ha sido socket-activated" #: src/util/util.h:87 msgid "Informs that the responder has been dbus-activated" -msgstr "" +msgstr "Informa que el contestador ha sido dbus-activated" diff --git a/po/eu.po b/po/eu.po index 98f874a9d0c..69af71f4d39 100644 --- a/po/eu.po +++ b/po/eu.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -78,12 +78,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -130,7 +130,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -256,1246 +256,1255 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Gutxienezko erabiltzaile IDa" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Gehienezko erabiltzaile IDa" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA domeinua" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA zerbitzariaren helbidea" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "IPA bezeroaren ostalari-izena" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "FAST gaitzen du" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "entryUSN atributua" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "lastUSN atributua" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "UID atributua" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "objectSID atributua" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Izen osoa" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "shadowLastChange atributua" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "shadowMin atributua" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "shadowMax atributua" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "shadowWarning atributua" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "shadowInactive atributua" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "shadowExpire atributua" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "shadowFlag atributua" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange atributua" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration atributua" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "ADren accountExpires atributua" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "ADren userAccountControl atributua" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "nsAccountLock atributua" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Talde-izena" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Taldearen pasahitza" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "GID atributua" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Shell lehenetsia, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Inprimatu bertsio zenbakia eta irten" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1677,7 +1686,7 @@ msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1690,7 +1699,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2124,102 +2133,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Baliogabetu erabiltzaile bat" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Baliogabetu erabiltzaile guztiak" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "Baliogabetu talde bat" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "Baliogabetu talde guztiak" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "Baliogabetu zerbitzu bat" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "Baliogabetu zerbitzu guztiak" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/fr.po b/po/fr.po index c6d964eb4df..137927ffcd3 100644 --- a/po/fr.po +++ b/po/fr.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2016-02-24 03:43+0000\n" "Last-Translator: Jérôme Fenal \n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -23,7 +23,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -86,12 +86,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Délai d'attente pour les messages à envoyer à travers SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Expression rationnelle d'analyse des noms d'utilisateur et de domaine" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Format compatible printf d'affichage des noms complétement qualifiés" @@ -144,7 +144,7 @@ msgstr "" "secondes)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Délai d'attente du cache négatif (en secondes)" @@ -290,26 +290,30 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "Faut-il évaluer les attributs dépendants du temps dans les règles sudo" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" @@ -317,424 +321,424 @@ msgstr "" "Le nombre de secondes pour garder un hôte dans le fichier known_hosts après " "que ses clés d'hôte ont été demandées" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" "Listes des UID ou nom d'utilisateurs autorisés à accéder le répondeur PAC" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" "Listes des UID ou nom d'utilisateurs autorisés à accéder le répondeur " "InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "Liste des attributs utilisateur que l'InfoPipe est autorisé à publier" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Fournisseur d'identité" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Fournisseur d'authentification" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Fournisseur de contrôle d'accès" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Fournisseur de changement de mot de passe" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "Fournisseur SUDO" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Fournisseur autofs" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "Fournisseur d'identité de l'hôte" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Identifiant utilisateur minimum" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Identifiant utilisateur maximum" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Activer l'énumération de tous les utilisateurs/groupes" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Mettre en cache les crédits pour une connexion hors-ligne" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Stocker les sommes de contrôle des mots de passe" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Afficher les utilisateurs/groupes dans un format complétement qualifié" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "Ne pas inclure les membres des groupes dans les recherches de groupes." -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Durée de validité des entrées en cache (en secondes)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "Restreindre ou préférer une famille d'adresses lors des recherches DNS" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Durée de validité des entrées en cache après la dernière connexion réussie " "(en jours)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" "Délai d'attente des réponses du DNS lors de la résolution des serveurs (en " "secondes)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "La partie domaine de la requête de découverte de service DNS" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "Écraser la valeur du GID du fournisseur d'identité avec cette valeur" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "Considère les noms d'utilisateur comme casse dépendant" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "Fréquence de rafraîchissement en arrière plan des entrées expirées" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "Choisir de mettre à jour automatiquement l'entrée DNS du client" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "Le TTL à appliquer à l'entrée DNS du client après modification" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "L'interface dont l'adresse IP doit être utilisée pour les mises à jour " "dynamiques du DNS" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "Fréquence de mise à jour automatique de l'entrée DNS du client" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" "Selon que le fournisseur doit aussi ou non mettre à jour explicitement " "l'enregistrement PTR" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Selon que l'utilitaire nsupdate doit utiliser TCP par défaut" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Quel type d'authentification doit être utilisée pour effectuer la mise à " "jour DNS" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "Contrôle l'énumération des domaines approuvés" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "Fréquence de rafraîchissement des sous-domaines" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "Listes des options qui doivent être héritées dans le sous-domaine" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "Domaine IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Adresse du serveur IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "Adresse du serveur IPA de secours" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Nom de système du client IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "Base de recherche pour les objets HBAC" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "Délai entre les recherches de cartes SELinux sur le serveur IPA" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "Si mit à false, l’argument de l'hôte donné par PAM est ignoré" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" "L'emplacement de la carte de montage automatique utilisée par le client IPA" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" "Base de recherche pour l'objet contenant les informations de base à propos " "du domaine IPA" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" "Base de recherche pour les objets contenant les informations à propos des " "plages d'ID" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "Activer les sites DNS - découverte de service basée sur l'emplacement" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "Base de recherche des conteneurs de vues" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "Classe d'objet pour les conteneurs de vues" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "Attribut avec le nom de la vue" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "Classe d'objet surchargeant les objets" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "Attribut faisant référence à l'objet originel " -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "Classe d'objet surchargeant les utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "Classe d'objet surchargeant les groupes" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "Domaine Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "Adresse du serveur Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "Adresse du serveur Active Directory de secours" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "Nom de système du client Active Directory" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "Filtre LDAP pour déterminer les autorisations d'accès" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "Choisir d'utiliser ou non le catalogue global pour les recherches" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "Mode opératoire pour les contrôles d'accès basé sur les GPO" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" @@ -742,7 +746,7 @@ msgstr "" "Durée entre les recherches de fichiers de politiques de GPO dans le serveur " "AD" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -750,7 +754,7 @@ msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)InteractiveLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -758,264 +762,269 @@ msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)RemoteInteractiveLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)NetworkLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)BatchLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Noms de services PAM correspondant à la configuration de la politique " "(Deny)ServiceLogonRight de la GPO" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" "Noms de services PAM pour lesquels les accès s'appuyant sur la GPO sont " "toujours autorisés" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" "Noms de services PAM pour lesquels les accès s'appuyant sur la GPO sont " "toujours interdits" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Droit de connexion par défaut (ou permission/interdiction) à utiliser pour " "les noms de services sans correspondance" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "un site particulier utilisé par le client" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Adresse du serveur Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "Adresse du serveur Kerberos de secours" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Domaine Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Délai avant expiration de l'authentification" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "Choisir de créer ou non les fichiers kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "Où déposer les extraits de configuration krb5" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Répertoire pour stocker les caches de crédits" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Emplacement du cache de crédits de l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Emplacement du fichier keytab de validation des crédits" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Activer la validation des crédits" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" "Stocker le mot de passe, si hors-ligne, pour une authentification ultérieure " "en ligne" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "Durée de vie renouvelable du TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "Durée de vie du TGT" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "Durée entre deux vérifications pour le renouvellement" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Active FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "Sélectionne le principal à utiliser avec FAST" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "Active la canonisation du principal" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "Active les principals d'entreprise" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Serveur où tourne le service de changement de mot de passe s'il n'est pas " "sur le KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, l'adresse du serveur LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, l'URI du serveur LDAP" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "La base DN par défaut" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Le type de schéma utilisé sur le serveur LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Mot de passe expiré. Changez votre mot de passe maintenant." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Le DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "Le type de jeton d'authentification du DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "Le jeton d'authentification du DN de connexion par défaut" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Durée pendant laquelle il sera tenté d'établir la connexion" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Durée pendant laquelle il sera tenté des opérations LDAP synchrones" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "Durée d'attente entre deux essais de reconnexion en mode hors-ligne" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "N'utiliser que des majuscules pour les noms de domaine" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Fichier contenant les certificats des CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Chemin vers le répertoire de certificats des CA" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Fichier contenant le certificat client" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Fichier contenant la clé du client" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Liste des suites de chiffrement possibles" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Requiert une vérification de certificat TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Spécifier le mécanisme SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Spécifier l'identité d'authorisation SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "Spécifier le domaine d'authorisation SASL à utiliser" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Spécifie le minimum SSF pour l'autorisation sasl LDAP" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Service du fichier keytab de Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Utiliser l'authentification Kerberos pour la connexion LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Suivre les référents LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Durée de vie du TGT pour la connexion LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Comment déréférencer les alias" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "Nom du service pour les recherches DNS" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "Le nombre d'enregistrements à récupérer dans une requête LDAP unique" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Nombre de membres qui doivent être manquants pour activer un déréférencement " "complet" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1023,399 +1032,399 @@ msgstr "" "Est-ce que la bibliothèque LDAP doit effectuer une requête pour canoniser le " "nom d'hôte pendant une connexion SASL ?" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "attribut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "attribut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Combien de temps conserver la connexion au serveur LDAP avant de se " "déconnecter" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "Désactiver le contrôle des pages LDAP" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "Désactiver la récupération de plage Active Directory." -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Durée d'attente pour une requête de recherche" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "Durée d'attente pour une requête d'énumération" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Durée entre deux mises à jour d'énumération" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "Durée entre les nettoyages de cache" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "TLS est requis pour les recherches d'identifiants" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Utilisation de la correspondance d'ID pour les objectSID au lieu d'ID pré-" "établis" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "Base DN pour les recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Scope des recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filtre pour les recherches d'utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Classe d'objet pour les utilisateurs" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Attribut de nom d'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "Attribut UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Attribut de GID primaire" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "Attribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Attribut de répertoire utilisateur" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Attribut d'interpréteur de commandes" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "attribut UUID" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "attribut objectSID" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Groupe primaire Active Directory pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Attribut d'utilisateur principal (pour Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Nom complet" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "Attribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Attribut de date de modification" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "Attribut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "Attribut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "Attribut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "Attribut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "Attribut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "Attribut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "Attribut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "Attribut listant les services PAM autorisés" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "Attribut listant les systèmes serveurs autorisés" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "Attribut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "Attribut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" "Attribut indiquant que la stratégie de mot de passe du serveur est active" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "Attribut AD accountExpires" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "Attribut AD userAccountControl" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "Attribut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "Attribut NDS loginDisabled" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "Attribut NDS loginExpirationTime" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Attribut NDS loginAllowedTimeMap" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "Attribut de clé public SSH" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" "attribut énumérant les types d'authentification autorisés pour un utilisateur" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "attribut contenant le certificat X509 de l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Une liste des attributs supplémentaires à télécharger avec l'entrée de " "l'utilisateur" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "DN de base pour les recherches de groupes" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "Classe d'objet pour les groupes" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Nom du groupe" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Mot de passe du groupe" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "Attribut GID" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "Attribut membre du groupe" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "attribut de l'UUID du groupe" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "Attribut de date de modification pour les groupes" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "Type de groupe et autres indicateurs" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "DN de base pour les recherches de netgroup" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "Classe d'objet pour les groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "Nom du groupe réseau" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "Attribut des membres des groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "Attribut triplet du groupe réseau" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "Attribut date de modification pour les groupes réseau" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "Nom de domaine (DN) de base pour les recherches de service" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "Classe objet pour les services" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "Attribut de nom de service" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "Attribut de port du service" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "Attribut de service du protocole" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "Limite inférieure pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "Limite supérieure pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "Nombre d'ID par tranche pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" "Utilisation d'un algorithme compatible autorid pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "Nom du domaine par défaut pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "SID du domaine par défaut pour la correspondance d'ID" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes" +msgstr "DN de base pour les recherches de groupes" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "" -"Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes " -"d'initialisation" +msgstr "DN de base pour les recherches de netgroup" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "Choisir d'utiliser ou non les groupes de jetons" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" "Définir la limite inférieure d'identifiants autorisés pour l'annuaire LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" "Définir la limite supérieure d'identifiants autorisés pour l'annuaire LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "DN pour les requêtes sur ppolicy" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Stratégie d'évaluation de l'expiration du mot de passe" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Quels attributs utiliser pour déterminer si un compte a expiré" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "Quelles règles utiliser pour évaluer le contrôle d'accès" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI d'un serveur LDAP où les changements de mot de passe sont acceptés" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI d'un serveur LDAP de secours où sont autorisées les modifications de mot " "de passe" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "Nom du service DNS pour le serveur de changement de mot de passe LDAP" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1423,23 +1432,23 @@ msgstr "" "Choix de mise à jour de l'attribut ldap_user_shadow_last_change après un " "changement de mot de passe" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "Nom de domaine (DN) de base pour les recherches de règles sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "Périodicité de rafraichissement total" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "Périodicité de rafraichissement intelligent" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Filter ou non sur les noms de systèmes, adresses IP et réseaux" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1447,161 +1456,161 @@ msgstr "" "Noms de systèmes et/ou noms pleinement qualifiés de cette machine pour " "filtrer les règles sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adresses ou réseaux IPv4 ou IPv6 de cette machine pour filtrer les règles " "sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Inclure ou non les règles qui contiennent un netgroup dans l'attribut host" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Inclure ou non les règles qui contiennent une expression rationnelle dans " "l'attribut host" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "Classe objet pour les règles sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "Règle de nom sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "Attribut de commande de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "Attribut hôte de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "Attribut utilisateur de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "Attribut option de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "Attribut de règle sudo runas" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "Attribut runasuser de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "Attribut runasgroup de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "Attribut notbefore de la règle sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "Attribut notafter de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "Attribut d'ordre de règle sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "Classe objet pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "Nom de l'attribut de carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "Classe objet pour l'entrée de référence de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "Attribut de clé d'entrée pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "Attribut de valeur pour la carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "Base DN pour les requêtes de carte de montage automatique" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Liste, séparée par des virgules, d'utilisateurs autorisés" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Liste, séparée par des virgules, d'utilisateurs interdits" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Interpréteur de commande par défaut : /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Base pour les répertoires utilisateur" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "Nom de la bibliothèque NSS à utiliser" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "Rechercher le nom canonique du groupe dans le cache si possible" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Pile PAM à utiliser" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Devenir un démon (par défaut)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Fonctionner en interactif (non démon)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Définir un fichier de configuration différent de celui par défaut" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Afficher le numéro de version et quitte" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1790,7 +1799,7 @@ msgstr "Mot de passe expiré. Changez votre mot de passe maintenant." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Le niveau de débogage utilisé avec" @@ -1803,7 +1812,7 @@ msgstr "Le domaine SSSD à utiliser" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Erreur lors du paramétrage de la locale\n" @@ -2282,95 +2291,95 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Erreur de transaction. Impossible de modifier l'utlisateur.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "Aucun object trouvé dans le cache pour la recherche spécifiée\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "Impossible d'invalider %1$s\n" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Impossible d'invalider %1$s %2$s\n" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Invalider un utilisateur spécifique" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Invalider tous les utilisateurs" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "Invalider un groupe particulier" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "Invalider tous les groupes" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "Invalider un groupe réseau particulier" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "Invalider tous les groupes réseau" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "Invalidation d'un service particulier" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "Invalidation de tous les services" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "Invalidation d'une carte autofs particulière" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "Invalidation de toutes les cartes autofs" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "Invalider un hôte SSH particulier" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "Invalider tous les hôtes SSH" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "N'invalider des entrées que d'un domaine spécifique" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "Merci de sélectionner au moins un objet à invalider\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2380,7 +2389,7 @@ msgstr "" "(domaine approuvé), utiliser le nom pleinement qualifié au lieu du paramètre " "--domain/-d.\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "Impossible d'ouvrir aucun des domaines disponibles\n" diff --git a/po/hu.po b/po/hu.po index f9b7c601d32..a9e6d8a0eb0 100644 --- a/po/hu.po +++ b/po/hu.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:45+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Hungarian (http://www.transifex.com/projects/p/sssd/language/" @@ -20,7 +20,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -80,12 +80,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -132,7 +132,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -258,1246 +258,1255 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Azonosító-kiszolgáló" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Legkisebb felhasználói azonosító" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Legnagyobb felhasználói azonosító" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Azonosítók gyorsítótárazása offline használathoz" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Jelszó hash-ek tárolása" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Bejegyzés-gyorsítótár érvényessége (másodperc)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA-tartomány" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA kiszolgáló címe" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "IPA kliens hosztneve" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Kerberos-kiszolgáló címe" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Kerberos-tartomány" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Időtúllépés azonosításkor" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, az LDAP szerver URI-ja" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "Alapértelmezett LDAP alap-DN-je" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Az LDAP szerveren használt séma-típus, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "A jelszava lejárt, változtass meg most." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Az alapértelmezett bind DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "A kapcsolódási próbálkozás időtartama" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "A CA tanusítványokat tartalmazó fájl" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "TLS tanusítvány ellenőrzése" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "TLS megkövetelése ID keresésekor" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "GECOS attribútum" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Shell attribútum" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Teljes név" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "memberOf attribútum" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Csoport neve" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Csoport jelszava" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Alapértelmezett shell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1679,7 +1688,7 @@ msgstr "A jelszava lejárt, változtass meg most." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1692,7 +1701,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2128,102 +2137,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Tranzakcióhiba történt, a felhasználó nem módosítható.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/id.po b/po/id.po index 80b05a14e68..335153af8ab 100644 --- a/po/id.po +++ b/po/id.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:46+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Indonesian (http://www.transifex.com/projects/p/sssd/language/" @@ -17,7 +17,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -77,12 +77,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -129,7 +129,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -255,1246 +255,1254 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Penyedia identitas" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Penyedia otentikasi" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Penyedia kontrol akses" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Penyedia pengubah kata sandi" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "ID pengguna minimum" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "ID pengguna maksimum" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "Domain IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Alamat server IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Nama host klien IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Alamat server Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Realm Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI server LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +msgid "Mode used to change user password" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Lamanya waktu untuk mencoba koneksi" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Membutuhkan verifikasi sertifikat TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Tentukan mekanisme sasl yang digunakan" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Tentukan id otorisasi sasl yang digunakan" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Keytab layanan Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Lingkup pencarian pengguna" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filter pencarian pengguna" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objectclass untuk pengguna" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Atribut Nama pengguna" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "Atribut UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Atribut GID Primer" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "Atribut GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Atribut direktori Home" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Atribut Shell" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Atribut utama pengguna (untuk Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Nama Lengkap" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "Atribut memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Atribut waktu modifikasi" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Shell default, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1676,7 +1684,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1689,7 +1697,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2137,102 +2145,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Kesalahan transaksi. Pengguna tidak dapat dimodifikasi.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/it.po b/po/it.po index 63265d7bf21..cb41d93c3ea 100644 --- a/po/it.po +++ b/po/it.po @@ -4,13 +4,14 @@ # # Translators: # Guido Grazioli , 2011 +# Milo Casagrande , 2019. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" -"PO-Revision-Date: 2014-12-14 11:46+0000\n" -"Last-Translator: Copied by Zanata \n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" +"PO-Revision-Date: 2019-03-06 08:57+0000\n" +"Last-Translator: Milo Casagrande \n" "Language-Team: Italian (http://www.transifex.com/projects/p/sssd/language/" "it/)\n" "Language: it\n" @@ -18,7 +19,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -27,19 +28,19 @@ msgstr "Imposta il livello di dettaglio dei messaggi di debug" #: src/config/SSSDConfig/__init__.py.in:45 msgid "Include timestamps in debug logs" -msgstr "Includi i timestamp nei log" +msgstr "Include marcatura temporale nei messaggi di registro" #: src/config/SSSDConfig/__init__.py.in:46 msgid "Include microseconds in timestamps in debug logs" -msgstr "" +msgstr "Include i microsecondi nella marcatura temporale per il debug" #: src/config/SSSDConfig/__init__.py.in:47 msgid "Write debug messages to logfiles" -msgstr "Scrivere i messaggi di debug nei file di log" +msgstr "Scrive i messaggi di debug nei file di registro" #: src/config/SSSDConfig/__init__.py.in:48 msgid "Watchdog timeout before restarting service" -msgstr "" +msgstr "Timeout di controllo prima di riavviare il servizio" #: src/config/SSSDConfig/__init__.py.in:49 msgid "Command to start service" @@ -47,43 +48,47 @@ msgstr "Comando per avviare il servizio" #: src/config/SSSDConfig/__init__.py.in:50 msgid "Number of times to attempt connection to Data Providers" -msgstr "Numero di tentativi di connessione ai data providers" +msgstr "Numero di tentativi di connessione ai provider dati" #: src/config/SSSDConfig/__init__.py.in:51 msgid "The number of file descriptors that may be opened by this responder" msgstr "" +"Il numero di descrittori file che possono essere aperti da questo responder" #: src/config/SSSDConfig/__init__.py.in:52 +#, fuzzy msgid "Idle time before automatic disconnection of a client" msgstr "" +"Tempo di attesa prima di interrompere automaticamente una connessione client" #: src/config/SSSDConfig/__init__.py.in:53 +#, fuzzy msgid "Idle time before automatic shutdown of the responder" -msgstr "" +msgstr "Tempo di attesa prima di chiudere automaticamente il responder" #: src/config/SSSDConfig/__init__.py.in:54 msgid "Always query all the caches before querying the Data Providers" -msgstr "" +msgstr "Interrogare tutte le cache prima dei provider dati" #: src/config/SSSDConfig/__init__.py.in:57 msgid "SSSD Services to start" -msgstr "Avvio dei servizi SSSD" +msgstr "Servizi SSD da avviare" #: src/config/SSSDConfig/__init__.py.in:58 msgid "SSSD Domains to start" -msgstr "Avvio dei domini SSSD" +msgstr "Domini SSD da avviare" #: src/config/SSSDConfig/__init__.py.in:59 msgid "Timeout for messages sent over the SBUS" -msgstr "Timeout dei messaggi inviati sul SBUS" +msgstr "Timeout dei messaggi inviati tramite SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" -msgstr "Regex per il parsing di nome utente e dominio" +msgstr "Espressione regolare per leggere nome utente e dominio" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Formato compatibile con printf per la visualizzazione di nomi completi" @@ -91,7 +96,7 @@ msgstr "Formato compatibile con printf per la visualizzazione di nomi completi" msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." -msgstr "" +msgstr "Directory dove salvare file di cache delle risposte Kerberos" #: src/config/SSSDConfig/__init__.py.in:63 msgid "Domain to add to names without a domain component." @@ -103,7 +108,7 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:65 msgid "Tune certificate verification" -msgstr "" +msgstr "Regola il controllo del certificato" #: src/config/SSSDConfig/__init__.py.in:66 msgid "All spaces in group or user names will be replaced with this character" @@ -123,14 +128,14 @@ msgstr "" #: src/config/SSSDConfig/__init__.py.in:72 msgid "Enumeration cache timeout length (seconds)" -msgstr "Durata timeout per la cache enumeration (secondi)" +msgstr "" #: src/config/SSSDConfig/__init__.py.in:73 msgid "Entry cache background update timeout length (seconds)" msgstr "Durata timeout aggiornamento cache in background (secondi)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Durata timeout negative cache (secondi)" @@ -148,7 +153,7 @@ msgstr "Gruppi che SSSD dovrebbe ignorare esplicitamente" #: src/config/SSSDConfig/__init__.py.in:78 msgid "Should filtered users appear in groups" -msgstr "Specifica se mostrare gli utenti filtrati nei gruppi" +msgstr "Indica se mostrare gli utenti filtrati nei gruppi" #: src/config/SSSDConfig/__init__.py.in:79 msgid "The value of the password field the NSS provider should return" @@ -259,1253 +264,1262 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Provider di identità" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Provider di autenticazione" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Provider di access control" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Provider di cambio password" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "ID utente minimo" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "ID utente massimo" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Consentire l'enumerazione di tutti gli utenti/gruppi" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Salvare in cache le credenziali per login offline" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Salvare gli hash delle password" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Mostrare utenti/gruppi in formato fully-qualified" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Durata timeout elementi in cache (secondi)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Restringere o preferire una specifica famiglia di indirizzi per l'esecuzione " "di lookup DNS" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Per quanto tempo tenere in cache gli elementi dopo un login che ha avuto " "successo (giorni)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "Il tempo di attesa per le richieste DNS (secondi)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "L'interfaccia il cui indirizzo IP dovrebbe essere usato per aggiornamenti " "DNS dinamici." -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "Dominio IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Indirizzo del server IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Hostname del client IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "Filtro LDAP per determinare i privilegi di accesso" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Indirizzo del server Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Realm Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Timeout di autenticazione" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Directory in cui salvare le credenziali" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Percorso della cache delle credenziali utente" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Percorso del keytab per la validazione delle credenziali" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Abilita la validazione delle credenziali" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "Intervallo di tempo tra due controlli di rinnovo" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Abilita FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Server dove viene eseguito il servizio di cambio password, se non nel KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, l'indirizzo del server LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "Il base DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Password scaduta. Cambiare la password ora." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Il bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "Il tipo di token di autenticazione del bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "Il token di autenticazione del bind DN predefinito" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Durata del tentativo di connessione" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "Durata tra tentativi di riconnessione quando offline" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "Usare solo maiuscole per i nomi dei realm" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "File contenente i certificati CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Percorso della directory dei cerficati della CA" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "File contenente il certificato client" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "File contenente la chiave client" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Lista delle possibili cipher suite" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Richiedere la verifica del certificato TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Specificare il meccanismo sasl da usare" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Specificare l'id di autorizzazione sasl da usare" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Keytab del servizio Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Usare autorizzazione Kerberos per la connessione LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Seguire i referral LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Metodo di deferenziazione degli alias" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Durata attesa per le richieste di ricerca" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Durata tra gli aggiornamenti alle enumeration" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "Intervallo di tempo per la pulizia cache" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Richiedere TLS per gli ID lookup" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "Base DN per i lookup utente" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Ambito di applicazione dei lookup utente" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filtro per i lookup utente" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objectclass per gli utenti" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Attributo del nome utente" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "Attributo UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Attributo del GID primario" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "Attributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Attributo della home directory" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Attributo della shell" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Attributo user principal (per Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Nome completo" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "Attributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Attributo data di modifica" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Politica per controllare la scadenza della password" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Lista separata da virgola degli utenti abilitati" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Lista separata da virgola degli utenti non abilitati" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Shell predefinita, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Base delle home directory" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "Il nome della libreria NSS da usare" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Stack PAM da usare" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Esegui come demone (default)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Esegui interattivamente (non come demone)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Specificare un file di configurazione specifico" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1687,7 +1701,7 @@ msgstr "Password scaduta. Cambiare la password ora." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Il livello di debug da utilizzare" @@ -1700,7 +1714,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Errore di impostazione del locale\n" @@ -2153,102 +2167,102 @@ msgstr "Impossibile modificare l'utente - utente già membro di gruppi?\n" msgid "Transaction error. Could not modify user.\n" msgstr "Errore nella transazione. Impossibile modificare l'utente.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/ja.po b/po/ja.po index a266d44eefd..d8ca6e83872 100644 --- a/po/ja.po +++ b/po/ja.po @@ -4,14 +4,14 @@ # # Translators: # Tomoyuki KATO , 2012-2013 -# Noriko Mizumoto , 2016. #zanata +# Noriko Mizumoto , 2016. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2016-08-18 08:06+0000\n" -"Last-Translator: Noriko Mizumoto \n" +"Last-Translator: Noriko Mizumoto \n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" "ja/)\n" "Language: ja\n" @@ -19,7 +19,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -79,12 +79,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "SBUS 経由のメッセージ送信のタイムアウト" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "ユーザー名とドメインを構文解析する正規表現" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "完全修飾名を表示するための printf 互換の形式" @@ -133,7 +133,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "エントリーキャッシュのバックグラウンド更新のタイムアウト時間(秒)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "ネガティブキャッシュのタイムアウト(秒)" @@ -263,687 +263,696 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "sudo ルールにおいて時間による属性を評価するかどうか" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "known_hosts ファイルにおいてホスト名とアドレスをハッシュ化するかどうか" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "ホスト鍵が要求された後 known_hosts ファイルにホストを保持する秒数" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "PAC レスポンダーへのアクセスが許可された UID またはユーザー名の一覧" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "アイデンティティプロバイダー" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "認証プロバイダー" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "アクセス制御プロバイダー" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "パスワード変更プロバイダー" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "SUDO プロバイダー" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Autofs プロバイダー" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "ホスト識別プロバイダー" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "最小ユーザー ID" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "最大ユーザー ID" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "すべてのユーザー・グループの列挙を有効にする" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "オフラインログインのためにクレディンシャルをキャッシュする" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "パスワードハッシュを保存する" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "ユーザー・グループを完全修飾形式で表示する" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "グループ検索にグループメンバーを含めない" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "エントリーキャッシュのタイムアウト長(秒)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "DNS 検索を実行するときに特定のアドレスファミリーを制限または優先します" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "最終ログイン成功時からキャッシュエントリーを保持する日数" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "サーバーを名前解決するときに DNS から応答を待つ時間(秒)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "サービス検索 DNS クエリーのドメイン部分" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "識別プロバイダーからの GID 値をこの値で上書きする" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "ユーザー名が大文字小文字を区別するよう取り扱う" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "期限切れのエントリーがバックグラウンドで更新される頻度" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "自動的にクライアントの DNS エントリーを更新するかどうか" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "クライアントの DNS 項目を更新後、適用する TTL" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "動的 DNS 更新のために使用される IP のインターフェース" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "どのくらい定期的にクライアントの DNS エントリーを更新するか" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" "プロバイダーが同じように PTR レコードを明示的に更新する必要があるかどうか" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "nsupdate ユーティリティが標準で TCP を使用するかどうか" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "DNS 更新を実行するために使用すべき認証の種類" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA ドメイン" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA サーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "バックアップ IPA サーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "IPA クライアントのホスト名" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "HBAC 関連オブジェクトの検索ベース" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "IPA サーバーに対する SELinux マップの検索の間の秒単位の合計時間" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "もし偽に設定されていると、 PAM により渡されたホスト引数は無視されます" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "この IPA クライアントが使用している automounter の場所" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "IPA ドメインに関する情報を含むオブジェクトに対する検索ベース" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "ID 範囲に関する情報を含むオブジェクトに対する検索ベース" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "DNS サイトの有効化 - 位置にサービス探索" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "Active Directory ドメイン" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "Active Directory サーバーアドレス" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "Active Directory バックアップサーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "Active Directory クライアントホスト名" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "アクセス権限を決めるための LDAP フィルター" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Kerberos サーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "Kerberos バックアップサーバーのアドレス" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Kerberos レルム" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "認証のタイムアウト" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "kdcinfo ファイルを作成するかどうか" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "クレディンシャルのキャッシュを保存するディレクトリー" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "ユーザーのクレディンシャルキャッシュの位置" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "クレディンシャルを検証するキーテーブルの場所" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "クレディンシャルの検証を有効にする" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "後からオンライン認証するためにオフラインの場合にパスワードを保存します" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "更新可能な TGT の有効期間" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "TGT の有効期間" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "更新を確認する間隔" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "FAST を有効にする" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "FAST に使用するプリンシパルを選択する" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "プリンシパル正規化を有効にする" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "エンタープライズ・プリンシパルの有効化" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "KDC になければ、パスワード変更サービスが実行されているサーバー" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "デフォルトのベース DN" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "LDAP サーバーにおいて使用中のスキーマ形式, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "パスワードの期限が切れました。いますぐパスワードを変更してください。" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "デフォルトのバインド DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "デフォルトのバインド DN の認証トークンの種類" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "デフォルトのバインド DN の認証トークン" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "接続を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "LDAP 同期操作を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "オフラインの間に再接続を試行する時間" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "レルム名に対して大文字のみを使用する" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "CA 証明書を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "CA 証明書のディレクトリーのパス" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "クライアント証明書を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "クライアントの鍵を含むファイル" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "利用可能な暗号の一覧" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "TLS 証明書の検証を要求する" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "使用する SASL メカニズムを指定する" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "使用する SASL 認可 ID を指定する" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "使用する SASL 認可レルムを指定する" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "LDAP SASL 認可の最小 SSF を指定する" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Kerberos サービスのキーテーブル" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "LDAP 接続に対して Kerberos 認証を使用する" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "LDAP リフェラルにしたがう" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "LDAP 接続の TGT の有効期間" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "エイリアスを参照解決する方法" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "DNS サービス検索のサービス名" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "単一の LDAP 問い合わせにおいて取得するレコード数" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "完全な参照解決を引き起こすために欠けている必要があるメンバーの数" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -951,408 +960,410 @@ msgstr "" "LDAP ライブラリーが SASL バインド中にホスト名を正規化するために逆引きを実行す" "るかどうか" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "entryUSN 属性" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "lastUSN 属性" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "LDAP サーバーを切断する前に接続を保持する時間" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "LDAP ページング制御を無効化する" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "Active Directory 範囲の取得の無効化" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "検索要求を待つ時間" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "列挙の要求を待つ時間" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "列挙の更新間隔" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "キャッシュをクリーンアップする間隔" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "ID 検索に TLS を要求する" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "事前設定済み ID の代わりに objectSID の ID マッピングを使用します" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "ユーザー検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "ユーザー検索の範囲" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "ユーザー検索のフィルター" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "ユーザーのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "ユーザー名の属性" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "UID の属性" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "プライマリー GID の属性" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "GECOS の属性" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "ホームディレクトリの属性" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "シェルの属性" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "objectSID 属性" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "ID マッピングの Active Directory プライマリーグループ属性" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "ユーザープリンシパルの属性(Kerberos 用)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "氏名" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "memberOf 属性" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "shadowLastChange 属性" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "shadowMin 属性" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "shadowMax 属性" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "shadowWarning 属性" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "shadowInactive 属性" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "shadowExpire 属性" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "shadowFlag 属性" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "認可された PAM サービスを一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "認可されたサーバーホストを一覧化する属性" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange 属性" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration 属性" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "サーバー側パスワードポリシーが有効であることを意味する属性" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "AD の accountExpires 属性" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "AD の userAccountControl 属性" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "nsAccountLock 属性" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "NDS の loginDisabled 属性" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "NDS の loginExpirationTime 属性" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "NDS の loginAllowedTimeMap 属性" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "SSH 公開鍵の属性" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "グループ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "グループのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "グループ名" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "グループのパスワード" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "GID 属性" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "グループメンバー属性" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "グループの変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "ネットグループ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "ネットグループのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "ネットグループ名" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "ネットグループメンバーの属性" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "ネットグループの三つ組の属性" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "ネットグループの変更日時の属性" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "サービス検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "サービスのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "サービス名の属性" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "サービスポートの属性" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "サービスプロトコルの属性" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "ID マッピングの下限" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "ID マッピングの上限" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "ID マッピングするとき、各スライスに対する ID の数" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "ID マッピングに対する autorid 互換アルゴリズムを使用します" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "ID マッピングに対するデフォルトドメインの名前" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "ID マッピングに対するデフォルトドメインの SID" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "グループ検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します" +msgstr "グループ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "初期グループの検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します" +msgstr "ネットグループ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "LDAP サーバーから許可される ID の下限の設定" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "LDAP サーバーから許可される ID の上限の設定" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "パスワード失効の評価のポリシー" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "どの属性がアカウントが失効しているかを評価するために使用されるか" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "どのルールがアクセス制御を評価するために使用されるか" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "パスワードの変更が許可される LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "パスワードの変更が許可されるバックアップ LDAP サーバーの URI" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "LDAP パスワードの変更サーバーの DNS サービス名" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "パスワード変更後 ldap_user_shadow_last_change 属性を更新するかどうか" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "sudo ルール検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "自動的な完全更新間隔" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "自動的なスマート更新間隔" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "ホスト名、IP アドレスおよびネットワークによるフィルタールールを使用するかどう" "か" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1360,158 +1371,158 @@ msgstr "" "sudo ルールをフィルターするこのマシンのホスト名および/または完全修飾ドメイン" "名" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "sudo ルールをフィルターするこのマシンの IPv4 または IPv6 アドレスまたはネット" "ワーク" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "ホスト属性にネットワークグループを含むルールを含めるかどうか" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "ホスト属性に正規表現を含むルールを含めるかどうか" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "sudo ルールのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "sudo ルール名" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "sudo ルールのコマンドの属性" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "sudo ルールのホストの属性" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "sudo ルールのユーザーの属性" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "sudo ルールのオプションの属性" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "sudo ルールの runasuser の属性" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "sudo ルールの runasgroup の属性" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "sudo ルールの notbefore の属性" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "sudo ルールの notafter の属性" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "sudo ルールの order の属性" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "automounter マップのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "オートマウントのマップ名の属性" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "automounter マップエントリーのオブジェクトクラス" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "automounter マップエントリーのキー属性" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "automounter マップエントリーの値属性" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "automonter のマップ検索のベース DN" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "許可ユーザーのカンマ区切り一覧" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "禁止ユーザーのカンマ区切り一覧" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "デフォルトのシェル, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "ホームディレクトリーのベース" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "使用する NSS ライブラリーの名前" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "可能ならばキャッシュから正規化されたグループ名を検索するかどうか" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "使用する PAM スタック" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "デーモンとして実行(デフォルト)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "対話的に実行(デーモンではない)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "非標準の設定ファイルの指定" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "バージョン番号を表示して終了する" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1693,7 +1704,7 @@ msgstr "パスワードの期限が切れました。いますぐパスワード #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "実行するデバッグレベル" @@ -1706,7 +1717,7 @@ msgstr "使用する SSSD ドメイン" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "ロケールの設定中にエラーが発生しました\n" @@ -2168,95 +2179,95 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "トランザクションエラー。ユーザーを変更できませんでした。\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "指定された検索に一致するキャッシュオブジェクトがありません\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "特定のユーザーを無効にする" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "すべてのユーザーを無効にする" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "特定のグループを無効にする" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "すべてのグループを無効にする" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "特定のネットワークグループを無効にする" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "すべてのネットワークグループを無効にする" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "特定のサービスの無効化" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "すべてのサービスの無効化" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "特定の autofs マップの無効化" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "すべての autofs マップの無効化" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "特定のドメインのみからエントリーを無効にする" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "無効化するオブジェクトを少なくとも一つ選択してください\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2265,7 +2276,7 @@ msgstr "" "ドメイン %1$s を開けませんでした。ドメインがサブドメイン (信頼済みドメイン) " "であれば、--domain/-d パラメーターの代わりに完全修飾名を使用してください。\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "利用可能なドメインを開けませんでした\n" diff --git a/po/nb.po b/po/nb.po index b1d45841742..6dc7d69e0db 100644 --- a/po/nb.po +++ b/po/nb.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:46+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Norwegian Bokmål (http://www.transifex.com/projects/p/sssd/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -78,12 +78,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Tidsavbrudd for meldinger som sendes over SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -130,7 +130,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -256,1246 +256,1254 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Identitetstilbyder" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Autentiseringstilbyder" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Tilgangskontrolltilbyder" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Passordbyttetilbyder" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Minste bruker-ID" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Største bruker-ID" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA-domene" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA-tjeneradresse" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Vertsnavn for IPA-klient" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Tjeneradresse for Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Kerberos-område" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Tidsavbrudd for autentisering" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +msgid "Mode used to change user password" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1677,7 +1685,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1690,7 +1698,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2124,102 +2132,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/nl.po b/po/nl.po index 0595141badc..5401af0c337 100644 --- a/po/nl.po +++ b/po/nl.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:47+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -23,7 +23,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -85,12 +85,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Timeout voor berichten die over SBUS worden verzonden" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Reguliere expressie om gebruikersnamen en domeinen te ontleden" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Printf-compatibel formaat voor het tonen van namen in volledige vorm" @@ -139,7 +139,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "Entry cache achtergrond update timeout duur (in seconden)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Negatieve cache timeout duur (in seconden)" @@ -278,27 +278,31 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" "Of de tijd-gebaseerde attributen in sudo regels moeten worden geëvalueerd" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" "Moeten host namen en adressen gehashd worden in het known_hosts bestand" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" @@ -306,316 +310,316 @@ msgstr "" "Hoeveel seconden moet een host in het known_hosts bestand blijven nadat de " "host sleutels ervan werden aangevraagd" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" "Lijst met UID's of gebruikersnamen waarvoor toegang tot de PAC responder " "toegestaan is" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Identiteitaanbieder" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Authentiecatieaanbieder" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Toegangscontroleaanbieder" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Wachtwoordwijzigingsaanbieder" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "SUDO provider" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Autofs provider" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "Host identity provider" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Minimum gebruiker ID" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Maximum gebruiker ID" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Schakel enumeratie van alle gebruikers/groepen" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Cache inloggegevens voor offline gebruik" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Sla vingerafdrukken van wachtwoorden op" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Laat gebruikers/groepen in volledige vorm zien" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "Neem groepsleden niet mee in groep zoekacties" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Entry cache timeout duur (in seconden)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Beperk of geef de voorkeur aan een specifieke adresfamilie wanneer er DNS-" "lookups uitgevoerd worden" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Hoe lang blijven gegevens opgeslagen na een succesvolle login (in dagen)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" "Hoe lang te wachten op antwoord van de DSN bij het opzoeken van servers (in " "seconden)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "Het domeingedeelte van DNS queries die service discovery uitvoeren" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "Overschrijf GID waarde van de identiteit aanbieder met deze waarde" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "Behandel gebruikersnamen als hoofdlettergevoelig" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "Hoe vaak moeten verlopen ingangen op de achtergrond ververst worden" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "Of de DNS ingang van de cliënt automatisch vernieuwd moet worden" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" "De TTL die toegepast moet worden op de DNS ingang van de cliënt na het " "vernieuwen hiervan" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "De adapter wiens IP-adres gebruikt moet worden voor het dynamisch bijwerken " "van de DNS" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "Hoe vaak de DNS ingang van de client periodiek vernieuwd moet worden" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "Of de provider ook de PTR record expliciet moet vernieuwen" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Of het nsupdate hulpprogramma standaard TCP moet gebruiken" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Welke soort authenticatie moet gebruikt worden om de DNS vernieuwing uit te " "voeren" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA-domein" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA-serveradres" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "Adres van back-up IPA server" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "IPA-clienthostname" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in " "FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "Zoek basis voor HBAC gerelateerde objecten" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" @@ -623,372 +627,377 @@ msgstr "" "De tijdsduur in seconden tussen zoekopdrachten in de SELinux mappen voor de " "IPA server" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Als dit op false ingesteld is, wordt het host argument gegeven door PAM " "genegeerd" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "De automounter locatie die door deze IPA client wordt gebruikt" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "Zoek in base voor object die info over IPA domein bevat " -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "Zoek in base voor objecten die info over ID bereiken bevat" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "Zet DNS sites aan - locatie gebaseerde service ontdekking" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "Active Directory domein" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "Active Directory server adres" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "Active Directory back-up server adres" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "Active Directory cliënt hostnaam" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "LDAP-filter om toegangsprivileges mee te bepalen" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Kerberos-serveradres" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "Kerberos back-up server adres" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Kerberos-rijk" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Authenticatie timeout" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "Moeten kdcinfo bestanden aangemaakt worden" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Werkmap waar authenticatiegegevens opgeslagen worden" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Locatie van de authenticatiecache van de gebruiker" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Locatie van de keytab om authenticatiegegevens te valideren" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Schakel authenticatiegegevensvalidatie in" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" "Sla het wachtwoord op indien offline voor later gebruik bij online " "authenticatie" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "Vernieuwbare levensduur van de TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "Levensduur van de TGT" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "Tijd tussen twee checks voor vernieuwing" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Zet FAST aan" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "Selecteert de hoofdpersoon te gebruiken voor FAST " -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "Zet hoofdpersoon sanctioneren aan" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "Zet enterprise principals aan" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Server waar het wachtwoord wijzigingsservice draait indien niet op de KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, de URI van de LDAP server" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, De URI van de LDAP server" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "De standaard base DN" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "De standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "Het type authenticatietoken van de standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "Het authenticatietoken van de standaard bind DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Hoe lang pogen te verbinden" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Hoe lang proberen synchroon LDAP te benaderen" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Duur tussen pogingen om de verbinding opnieuw tot stand te brengen tijdens " "offline zijn" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "Gebruik alleen hoofdletters voor gebiedsnamen" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Bestand dat de bekende CA-certificaten bevat" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Pad naar de CA-certificatenmap" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Bestand dat het client certificaat bevat" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Bestand dat de client sleutel bevat" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Lijst van mogelijke sleutel suites" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Vereis verificatie van het TLS-certificaat" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "Specificeer het te gebruiken sasl autorisatiegebied " -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Kerberos service keytab" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Volg LDAP-doorverwijzingen" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Levensduur van TGT voor LDAP-connectie" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Hoe moet de alias referentie verwijderd worden" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "Service naam voor DNS service opzoeken" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" "Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Het aantal leden van moet ontbreken om een volledige de-referentie te " "veroorzaken" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -996,390 +1005,392 @@ msgstr "" "Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te " "autoriseren tijdens een SASL binding" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "entryUSN attribuut" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "lastUSN attribuut" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat het " "losgekoppeld wordt" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "Het LDAP paging besturingselement uitschakelen" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "Zet Active Directory bereik opvragen uit" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Tijd om te wachten op een zoekopdracht" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "Tijdsduur te wachten voor een opsommingsverzoek" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Tijd om te wachten tussen enumeratie-updates" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "Tijdsduur tussen cache opschoningen" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Vereis TLS voor het opzoeken van ID's" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "Base DN voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Scope voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filter voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objectclass voor gebruikers" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Username-attribuut" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "UID-attribuut" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Primair GID-attribuut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "GECOS-attribuut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Gebruikersmap-attribuut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Shell-attribuut" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "objectSID attribuut" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Active Directory primaire groep attribuut voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Userprincipal-attribuut (voor Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Volledige naam" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "memberOf-attribuut" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Modification time-attribuut" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "shadowLastChange attribuut" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "shadowMin attribuut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "shadowMax attribuut" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "shadowWarning attribuut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "shadowInactive attribuut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "shadowExpire attribuut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "shadowFlag attribuut" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "Attribuut voor tonen van geautoriseerde PAM services" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "Attribuut dat geautoriseerde server hosts toont" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange attribuut" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration attribuut" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "accountExpires attribuut van AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "userAccountControl attribuut van AD" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "nsAccountLock attribuut" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap attribuut van NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "SSH publieke sleutel attribuut" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "Basis DN voor groep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "Objectklasse voor groepen" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Groepsnaam" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Groep wachtwoord" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "GID attribuut" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "Groep deelnemer attribuut" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "Verandertijd attribuut voor groepen" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "Basis DN voor netgroep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "Objectklasse voor netgroepen" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "Netgroep naam" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "Netgroep leden attribuut" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "Netgroep triple attibuut" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "Verandertijd attribuut voor netgroepen" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "Basis DN voor service lookups" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "Objectclass voor services" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "Service naam attribuut" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "Service port attribuut" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "Service protocol attribuut" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "Ondergrens voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "Bovengrens voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "Aantal ID's voor elk segment bij ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "Naam van het standaard domein voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "SID van het standaard domein voor ID-mapping" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor groep opzoeken" +msgstr "Basis DN voor groep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor initgroep opzoeken" +msgstr "Basis DN voor netgroep opzoeken" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Laagste grens instellen voor toegestane id's van de LDAP-server" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Hoogste grens instellen voor toegestane id's van de LDAP-server" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Policy om wacthwoordverloop mee te evalueren" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Welke attributen worden gebruikt voor evaluatie als het account verlopen is" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" "Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" "URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan zijn" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "DNS service naam voor LDAP wachtwoord verander server" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1387,23 +1398,23 @@ msgstr "" "Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een " "wachtwoordwijziging" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "Basis DN voor sudo regels lookups" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "Automatische volledige ververs periode" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "Automatische slimme ververs periode" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1411,161 +1422,161 @@ msgstr "" "Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine voor " "het filteren van sudo regels" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van sudo " "regels" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Moeten regels toegevoegd worden die netgroep bevatten in host attribuut " -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Moeten regels toegevoegd worden die regulaire expressie bevatten in host " "attribuut " -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "Objectklasse voor sudo regels" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "Sudo regelnaam" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "Sudo regel opdracht attribuut" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "Sudo regel host attribuut" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "Sudo regel gebruiker attribuut" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "Sudo regel optie attribuut" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "Sudo regel runasuser attribuut" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "Sudo regel runasgroup attribuut" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "Sudo regel notbefore attribuut" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "Sudo regel notafter attribuut" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "Sudo regel volgorde attribuut" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "Object class voor automounter maps" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "Automounter map naam attribuut" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "Objectklasse voor automounter map ingaven" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "Automounter map sleutel ingave attribuut" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "Automounter map ingavewaarde attribuut" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "Basis DN voor automounter kaart opzoeken" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Kommagescheiden lijst van toegestane gebruikers" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Kommagescheiden lijst van geweigerde gebruikers" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Standaard shell, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Basis voor gebruikersmappen" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "De naam van de NSS-bibliotheek die gebruikt wordt" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden " -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "PAM-stack die gebruikt wordt" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Start in de achtergrond (standaard)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Start interactief (standaard)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Geef een niet-standaard configuratiebestand op" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Print versie nummer en sluit af" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1749,7 +1760,7 @@ msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Het debugniveau waarmee gestart wordt" @@ -1762,7 +1773,7 @@ msgstr "Hrt te gebruiken SSSD domein" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Fout bij het zetten van de locale\n" @@ -2228,96 +2239,96 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Transactiefout. Kan de gebruiker niet aanpassen.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" "Geen enkel cache object komt overeen met de gespecificeerde zoekopdracht\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Maak bepaalde gebruiker ongeldig" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Maak alle gebruikers ongeldig" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "Maak bepaalde groep ongeldig" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "Maak alle groepen ongeldig" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "Maak bepaalde netgroep ongeldig" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "Maak alle netgroepen ongeldig" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "Maak bepaalde service ongeldig " -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "Maak alle services ongeldig" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "Maak bepaalde autofs map ongeldig" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "Maak alle autofs mappen ongeldig" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "Maak alleen ingangen van een bepaald domein ongeldig" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "Selecteer tenminste een object om ongeldig te maken\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2327,7 +2338,7 @@ msgstr "" "is, gebruik dan de volledig gekwalificeerde naam in plaats van --domain/-d " "parameter.\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "Kon beschikbare domeinen niet openen\n" diff --git a/po/pl.po b/po/pl.po index 100b8741c06..e3352155cf3 100644 --- a/po/pl.po +++ b/po/pl.po @@ -9,12 +9,13 @@ # Piotr Drąg , 2016. #zanata # Piotr Drąg , 2017. #zanata # Piotr Drąg , 2018. #zanata +# Piotr Drąg , 2019. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" -"PO-Revision-Date: 2018-03-09 11:38+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" +"PO-Revision-Date: 2019-03-01 06:40+0000\n" "Last-Translator: Piotr Drąg \n" "Language-Team: Polish (http://www.transifex.com/projects/p/sssd/language/" "pl/)\n" @@ -24,7 +25,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 " "|| n%100>=20) ? 1 : 2);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -89,12 +90,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Czas oczekiwania na komunikaty wysyłane przez SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Wyrażenie regularne do przetworzenia nazwy użytkownika i domeny" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Format zgodny z printf do wyświetlania w pełni kwalifikowanych nazw" @@ -145,7 +146,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "Czas oczekiwania aktualizacji tła pamięci podręcznej wpisów (sekundy)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Ujemny czas oczekiwania pamięci podręcznej (sekundy)" @@ -282,17 +283,21 @@ msgstr "Ile sekund pam_sss ma oczekiwać na ukończenie p11_child" msgid "Which PAM services are permitted to contact application domains" msgstr "Które usługi PAM mają zezwolenie na kontakt z domenami aplikacji" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "Usługi mogące używać kart smardcard" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "Określa, czy szacować atrybuty oparte na czasie w regułach sudo" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" "Jeśli jest włączone, usługa SSSD przełączy z powrotem do logiki kolejności " "„niższe wygrywa”" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." @@ -300,70 +305,70 @@ msgstr "" "Maksymalna liczba reguł, jaką można odświeżyć jednocześnie. Jeśli zostanie " "przekroczona, wykonywane jest pełne odświeżenie." -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "Określa, czy mieszać nazwy komputerów i adresy w pliku known_hosts" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" "Ile sekund przechowywać komputer w pliku known_hosts po zażądaniu jego kluczy" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "Ścieżka do miejsca przechowywania zaufanych certyfikatów CA" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" "Lista UID lub nazw użytkowników mających dostęp do programu odpowiadającego " "PAC" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "Jak długo dane PAC są uważane za prawidłowe" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" "Lista UID lub nazw użytkowników mających dostęp do programu odpowiadającego " "InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "Lista atrybutów użytkownika, które InfoPipe może publikować" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "Dostawca przechowujący hasła" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "Maksymalnie dozwolona liczba zagnieżdżonych kontenerów" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "Maksymalna liczba przechowywanych haseł" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "Maksymalna liczba haseł przechowywanych na UID" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "Maksymalny rozmiar ładunku hasła w kilobajtach" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "Adres URL Custodia, który serwer nasłuchuje" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "Metoda używana podczas uwierzytelniania z serwerem Custodia" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" @@ -371,37 +376,37 @@ msgstr "" "Nazwa nagłówków dodawanych do żądania HTTP z wartością określoną " "w auth_header_value" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "Wartość, którą sssd-secrets używałoby dla auth_header_name" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "Lista nagłówków do przekazania do serwera Custodia razem z żądaniem" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" "Nazwa użytkownika używana podczas uwierzytelniania z serwerem Custodia za " "pomocą basic_auth" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" "Hasło używane podczas uwierzytelniania z serwerem Custodia za pomocą " "basic_auth" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" "Czy certyfikat prawdziwego partnera jest weryfikowany, jeśli proxy_url używa " "protokołu HTTPS" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" @@ -409,301 +414,301 @@ msgstr "" "Czy certyfikat fałszywego partnera może zawierać inną nazwę komputera niż " "proxy_url, kiedy używany jest protokół HTTPS" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "Ścieżka do katalogu z certyfikatami CA" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "Ścieżka do pliku zawierającego certyfikat CA serwera" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "Ścieżka do pliku zawierającego certyfikat klienta" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "Ścieżka do pliku zawierającego klucz prywatny klienta" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Dostawca tożsamości" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Dostawca uwierzytelniania" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Dostawca kontroli dostępu" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Dostawca zmiany hasła" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "Dostawca SUDO" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Dostawca Autofs" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "Dostawca tożsamości komputera" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "Dostawca SELinuksa" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "Dostawca zarządzania sesją" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "Czy domena jest używalna przez system operacyjny lub aplikacje" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Minimalny identyfikator użytkownika" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Maksymalny identyfikator użytkownika" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Włącza wyliczanie wszystkich użytkowników/grup" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Dane uwierzytelniające pamięci podręcznej dla logowań w trybie offline" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Przechowuje mieszanie haseł" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Wyświetla użytkowników/grupy w pełni kwalifikowanej formie" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "Bez dołączania członków grup w wyszukiwaniach grup" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Czas oczekiwania pamięci podręcznej wpisów (sekundy)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Ogranicza lub preferuje podaną rodzinę adresów podczas wykonywania " "wyszukiwań DNS" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Jak długo utrzymywać wpisy logowania w pamięci podręcznej po ostatnim udanym " "zalogowaniu (dni)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" "Jak długo czekać na odpowiedzi od serwera DNS podczas rozwiązywania serwerów " "(sekundy)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "Część domeny zapytania DNS wykrywania usługi" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "Zastępuje wartość GID z dostawcy tożsamości tą wartością" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "Rozróżnianie wielkości liter w nazwach użytkowników" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "Jak często odświeżać w tle wygasłe wpisy" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "Czy automatycznie aktualizować wpis DNS klienta" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "TTL do zastosowania do wpisu DNS klienta po jego zaktualizowaniu" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "Interfejs, którego adres IP powinien być używany do dynamicznych " "aktualizacji DNS" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "Jak często okresowo aktualizować wpis DNS klienta" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "Określa, czy dostawca powinien aktualizować także wpis PTR" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Określa, czy narzędzie nsupdate powinno domyślnie używać portu TCP" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Jakiego rodzaju uwierzytelnianie powinno być używane do wykonywania " "aktualizacji DNS" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "Zastępuje serwer DNS używany do wykonywania aktualizacji DNS" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "Kontrola wyliczania zaufanych domen" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "Jak często odświeżać listę poddomen" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "Lista opcji dziedziczonych przez poddomenę" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "Domyślna wartość katalogu domowego poddomeny" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" "Jak długo dane uwierzytelniania w pamięci podręcznej mogą być używane do " "uwierzytelniania w pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "Czy automatycznie tworzyć prywatne grupy dla użytkowników" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "Domena IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Adres serwera IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "Adres zapasowego serwera IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Nazwa komputera klienta IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "Podstawa wyszukiwania pod kątem obiektów związanych z HBAC" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "Czas w sekundach między wyszukiwaniami map SELinuksa w serwerze IPA" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Jeśli ustawiono na fałsz, to parametr komputera podany przez PAM zostanie " "zignorowany" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "Położenie automountera, którego używa ten klient IPA" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" "Podstawa wyszukiwania dla obiektów zawierających informacje o domenie IPA" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" "Podstawa wyszukiwania dla obiektów zawierających informacje o zakresach " "identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "Włącza witryny DNS — wykrywanie usług na podstawie położenia" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "Podstawa wyszukiwania dla widoku kontenerów" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "Klasa obiektu dla widoku kontenerów" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "Atrybut z nazwą widoku" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "Klasa obiektu dla obiektów zastępowania" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "Atrybut z odniesieniem do pierwotnego obiektu" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "Klasa obiektu dla obiektów zastępowania użytkownika" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "Klasa obiektów dla obiektów zastępowania grup" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "Podstawa wyszukiwania pod kątem obiektów związanych z profilem pulpitu" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" "Czas w sekundach między wyszukiwaniami reguł profilu pulpitu w serwerze IPA" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" @@ -711,46 +716,46 @@ msgstr "" "Czas w minutach między wyszukiwaniami reguł profilów pulpitu w serwerze IPA, " "kiedy ostatnie żądanie nie odnalazło żadnej reguły" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "Domena Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "Włączone domeny Active Directory" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "Adres serwera Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "Adres zapasowego serwera Active Directory" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "Nazwa komputera klienta Active Directory" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "Filtr LDAP do określenia uprawnień dostępu" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "Czy używać Global Catalog do wyszukiwań" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "Tryb działania dla kontroli dostępu opartej na GPO" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "Czas między wyszukiwaniami plików polityki GPO w serwerze AD" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -758,7 +763,7 @@ msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO " "(Deny)InteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -766,259 +771,264 @@ msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO " "(Deny)RemoteInteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)NetworkLogonRight" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)BatchLogonRight" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Nazwy usług PAM mapujących do ustawień polityki GPO (Deny)ServiceLogonRight" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" "Nazwy usług PAM, dla których zawsze udzielany jest dostęp oparty na GPO" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" "Nazwy usług PAM, dla których zawsze odmawiany jest dostęp oparty na GPO" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Domyślne uprawnienie logowania (lub zezwolenie/odmowa) do użycia dla " "niemapowanych nazw usług PAM" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "konkretna strona używana przez klienta" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" "Maksymalny wiek w dniach przed wymaganiem odnowienia hasła konta komputera" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "Opcja dostrajania zadania odnawiania konta komputera" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Adres serwera Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "Adres zapasowego serwera Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Obszar Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Czas oczekiwania na uwierzytelnienie" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "Określa, czy tworzyć pliki kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "Gdzie umieścić wstawki konfiguracji krb5" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" "Katalog do przechowywania pamięci podręcznych danych uwierzytelniających" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Położenie pamięci podręcznej danych uwierzytelniających użytkownika" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Położenie tablicy kluczy do sprawdzania danych uwierzytelniających" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Włącza sprawdzanie danych uwierzytelniających" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" "Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia " "w trybie online" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "Odnawialny czas trwania TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "Czas trwania TGT" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "Czas między dwoma sprawdzaniami odnowy" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Włącza FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "Wybiera naczelnika do użycia dla FAST" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "Włącza ujednolicanie naczelnika" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "Włącza naczelników enterprise" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "Mapa nazw użytkowników do nazw naczelników Kerberos" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Serwer, w którym jest uruchomiona usługa zmiany haseł, jeśli nie znajduje " "się w KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, adres URI serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, adres URI serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "Domyślna podstawowa DN" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Hasło wygasło. Proszę je zmienić teraz." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Domyślne DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "Token uwierzytelniania domyślnego DN dowiązania" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Czas do próby połączenia" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Czas do próby synchronicznych działań LDAP" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "Czas między próbami ponownego połączenia w trybie offline" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "Użycie tylko wielkich znaków w nazwach obszarów" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Plik zawierający certyfikaty CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Ścieżka do katalogu certyfikatów CA" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Plik zawierający certyfikat klienta" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Plik zawierający klucz klienta" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Lista możliwych zestawów szyfrów" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Wymaga sprawdzenia certyfikatu TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Podaje używany mechanizm SASL" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Podaje używany identyfikator upoważnienia SASL" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "Podaje obszar upoważnienia SASL do użycia" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Podaje minimalne SSF dla upoważnienia sasl LDAP" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Tablica kluczy usługi Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Podąża za odsyłaniami LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Czas trwania TGT dla połączenia LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Jak wskazywać aliasy" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "Nazwa usługi do wyszukiwań usługi DNS" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "Liczba wpisów do pobrania w jednym zapytaniu LDAP" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "Suma liczb, których musi brakować, aby wywołać pełne „deref”" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1026,389 +1036,391 @@ msgstr "" "Określa, czy biblioteka LDAP powinna wykonywać odwrotne wyszukanie, aby " "ujednolicić nazwę komputera podczas dowiązania SASL" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "Atrybut entryUSN" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "Atrybut lastUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "Jak długo utrzymywać połączenie z serwerem LDAP przed rozłączeniem" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "Wyłącza kontrolę stronicowania LDAP" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "Wyłącza pobieranie zakresu Active Directory" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Czas oczekiwania na żądanie wyszukiwania" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "Czas oczekiwania na żądanie wyliczenia" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Czas między aktualizacjami wyliczania" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "Czas między czyszczeniem pamięci podręcznej" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Wymaga TLS dla wyszukiwania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Używa mapowania identyfikatorów objectSID zamiast uprzednio ustawionych " "identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "Podstawowe DN dla wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Zakres wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filtruje wyszukiwania użytkowników" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Klasa obiektów dla użytkowników" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Atrybut nazwy użytkownika" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "Atrybut UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Pierwszy atrybut GID" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "Atrybut GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Atrybut katalogu domowego" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Atrybut powłoki" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "Atrybut UUID" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "Atrybut objectSID" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Atrybut głównej grupy Active Directory dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Atrybut głównego użytkownika (dla Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Imię i nazwisko" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "Atrybut memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Atrybut czasu modyfikacji" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "Atrybut shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "Atrybut shadowMin" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "Atrybut shadowMax" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "Atrybut shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "Atrybut shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "Atrybut shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "Atrybut shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "Atrybut zawierający listę upoważnionych usług PAM" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "Atrybut zawierający listę upoważnionych rhosts serwera" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "Atrybut krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "Atrybut krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "Atrybut accountExpires AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "Atrybut userAccountControl AD" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "Atrybut nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "Atrybut loginDisabled NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "Atrybut loginExpirationTime NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Atrybut loginAllowedTimeMap NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "Atrybut klucza publicznego SSH" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" "atrybut zawierający listę dozwolonych typów uwierzytelniania dla użytkownika" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "atrybut zawierający certyfikat X509 użytkownika" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "atrybut zawierający adres e-mail użytkownika" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "Lista dodatkowych atrybutów do pobrania razem z wpisem użytkownika" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "Podstawowe DN dla wyszukiwania grup" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "Klasa obiektów dla grup" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Nazwa grupy" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Hasło grupy" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "Atrybut GID" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "Atrybut elementu grupy" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "Atrybut UUID grupy" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "Atrybut czasu modyfikacji grup" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "Typ grupy i inne flagi" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "Atrybut zewnętrznego członka grupy LDAP" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "Klasa obiektów dla grup sieciowych" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "Nazwa grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "Atrybut elementów grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "Potrójny atrybut grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "Atrybut czasu modyfikacji grup sieciowych" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "Podstawowe DN do wyszukiwania usług" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "Klasa obiektów dla usług" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "Atrybut nazwy usługi" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "Atrybut portu usługi" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "Atrybut protokołu usługi" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "Niższa granica dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "Wyższa granica dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" "Liczba identyfikatorów dla każdego fragmentu podczas mapowania " "identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Używa algorytmu zgodnego z autorid do mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "Nazwa domyślnej domeny dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "SID domyślnej domeny dla mapowania identyfikatorów" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "Liczba drugorzędnych fragmentów" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup" +msgstr "Podstawowe DN dla wyszukiwania grup" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup inicjacyjnych" +msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "Czy używać Token-Groups" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Ustawia dolną granicę dla dozwolonych identyfikatorów z serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Ustawia górną granicę dla dozwolonych identyfikatorów z serwera LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "DN dla zapytań polityki" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "Ile maksymalnie wpisów pobierać podczas żądania z wieloznacznikiem" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Polityka do oszacowania wygaszenia hasła" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Które atrybuty powinny być używane do sprawdzenia, czy konto wygasło" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "Które reguły powinny być używane do sprawdzania kontroli dostępu" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "Adres URI zapasowego serwera LDAP, gdzie zmiany hasła są dozwolone" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1416,24 +1428,24 @@ msgstr "" "Określa, czy zaktualizować atrybut ldap_user_shadow_last_change po zmianie " "hasła" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "Podstawowe DN dla wyszukiwań reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "Okres między automatycznymi pełnymi odświeżeniami" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "Okres między automatycznymi inteligentnymi odświeżeniami" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Określa, czy filtrować reguły według nazwy komputera, adresów IP i sieci" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1441,162 +1453,162 @@ msgstr "" "Nazwy komputerów lub w pełni kwalifikowane nazwy domen tego komputera do " "filtrowania reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adresy lub sieci IPv4 lub IPv6 tego komputera do filtrowania reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Określa, czy zawierać reguły zawierające grupy sieciowe w atrybucie komputera" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Określa, czy zawierać reguły zawierające wyrażenia regularne w atrybucie " "komputera" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "Klasa obiektów dla reguł sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "Nazwa reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "Atrybut polecenia reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "Atrybut komputera reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "Atrybut użytkownika reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "Atrybut opcji reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "Atrybut runas reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "Atrybut runasuser reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "Atrybut runasgroup reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "Atrybut notbefore reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "Atrybut notafter reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "Atrybut kolejności reguły sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "Klasa obiektów dla map automountera" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "Atrybut nazwy mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "Klasa obiektów dla wpisów map automountera" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "Atrybut klucza wpisu mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "Atrybut wartości wpisu mapy automountera" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "Podstawowe DN dla wyszukiwań map automountera" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Lista zabronionych użytkowników oddzielonych przecinkami" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Domyślna powłoka, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Podstawa katalogów domowych" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "Liczba elementów potomnych pośrednika przed rozwidleniem." -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "Nazwa używanej biblioteki NSS" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Określa, czy wyszukiwać kanoniczną nazwę grupy w pamięci podręcznej, jeśli " "to możliwe" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Używany stos PAM" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." -msgstr "" +msgstr "Ścieżka źródeł pliku „passwd”." -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." -msgstr "" +msgstr "Ścieżka źródeł pliku „group”." -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Uruchamia jako usługa (domyślnie)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Uruchamia interaktywnie (nie jako usługa)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "Wyłącza interfejs netlink" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Podaje niedomyślny plik konfiguracji" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "Odświeża bazę danych konfiguracji, a następnie kończy działanie" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Wyświetla numer wersji i kończy działanie" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "Usługa SSSD jest już uruchomiona\n" @@ -1781,7 +1793,7 @@ msgstr "Hasło wygasło. Proszę je zmienić teraz." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Poziom debugowania, z jakim uruchomić" @@ -1794,7 +1806,7 @@ msgstr "Używana domena SSSD" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Błąd podczas ustawiania lokalizacji\n" @@ -1816,7 +1828,7 @@ msgstr "Port do użycia do połączenia z komputerem" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:210 msgid "Print the host ssh public keys" -msgstr "" +msgstr "Wyświetla publiczne klucze SSH komputera" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 msgid "Invalid port\n" @@ -2263,85 +2275,85 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Błąd transakcji. Nie można zmodyfikować użytkownika.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "Żaden obiekt pamięci podręcznej nie pasuje do podanego wyszukiwania\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "Nie można unieważnić %1$s\n" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Nie można unieważnić %1$s %2$s\n" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "Unieważnia wszystkie wpisy w pamięci podręcznej" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Unieważnia podanego użytkownika" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Unieważnia wszystkich użytkowników" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "Unieważnia podaną grupę" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "Unieważnia wszystkie grupy" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "Unieważnia podaną grupę sieciową" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "Unieważnia wszystkie grupy sieciowe" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "Unieważnia podaną usługę" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "Unieważnia wszystkie usługi" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "Unieważnia podaną mapę autofs" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "Unieważnia wszystkie mapy autofs" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "Unieważnia konkretny komputer SSH" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "Unieważnia wszystkie komputery SSH" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "Unieważnia podaną regułę sudo" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "Unieważnia wszystkie reguły sudo w pamięci podręcznej" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "Unieważnia wpisy tylko z podanej domeny" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" @@ -2349,11 +2361,11 @@ msgstr "" "Podano nieoczekiwane parametry, opcje unieważniające jeden obiekt przyjmują " "tylko jeden podany parametr.\n" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "Proszę wybrać co najmniej jeden obiekt do unieważnienia\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2363,7 +2375,7 @@ msgstr "" "domeną), należy użyć w pełni kwalifikowanej nazwy zamiast parametru --" "domain/-d.\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "Nie można otworzyć dostępnych domen\n" @@ -2715,19 +2727,16 @@ msgid "" "Check that SSSD is running and the InfoPipe responder is enabled. Make sure " "'ifp' is listed in the 'services' option in sssd.conf.\n" msgstr "" -"Proszę sprawdzić, czy usługa SSSD jest uruchomiona i program odpowiadający " -"InfoPipe jest włączony. Należy się upewnić, że „ifp” jest w opcji „services” " -"pliku sssd.conf.\n" #: src/tools/sssctl/sssctl_user_checks.c:91 -#, c-format +#, fuzzy, c-format msgid "Unable to connect to the InfoPipe" -msgstr "Nie można połączyć z InfoPipe" +msgstr "Nie można połączyć się z magistralą systemową.\n" #: src/tools/sssctl/sssctl_user_checks.c:97 -#, c-format +#, fuzzy, c-format msgid "Unable to get user object" -msgstr "Nie można uzyskać obiektu użytkownika" +msgstr "Nie można uzyskać listy serwerów\n" #: src/tools/sssctl/sssctl_user_checks.c:101 #, c-format @@ -2735,9 +2744,9 @@ msgid "SSSD InfoPipe user lookup result:\n" msgstr "Wynik wyszukiwania użytkownika InfoPipe usługi SSSD:\n" #: src/tools/sssctl/sssctl_user_checks.c:113 -#, c-format +#, fuzzy, c-format msgid "Unable to get user name attr" -msgstr "Nie można uzyskać atrybutu nazwy użytkownika" +msgstr "Nie można uzyskać listy serwerów\n" #: src/tools/sssctl/sssctl_user_checks.c:146 #, c-format @@ -2981,3 +2990,16 @@ msgstr "Informuje, że program odpowiadający został aktywowany gniazdem" #: src/util/util.h:87 msgid "Informs that the responder has been dbus-activated" msgstr "Informuje, że program odpowiadający został aktywowany magistralą D-Bus" + +#~ msgid "Additional timeout to wait for a card if requested" +#~ msgstr "Dodatkowy czas oczekiwania na kartę, jeśli zażądano" + +#~ msgid "" +#~ "PKCS#11 URI to restrict the selection of devices for Smartcard " +#~ "authentication" +#~ msgstr "" +#~ "Adres URI PKCS#11 do ograniczenia wyboru urządzeń dla uwierzytelniania za " +#~ "pomocą kart smartcard" + +#~ msgid "Similar to --genconf, but only refreshes the given section" +#~ msgstr "Podobne do --genconf, ale odświeża tylko podaną sekcję" diff --git a/po/pt.po b/po/pt.po index 0bc7a160abc..15691ecbfdf 100644 --- a/po/pt.po +++ b/po/pt.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:47+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -17,7 +17,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -77,12 +77,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Limite de tempo para mensagens enviadas sobre SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Expressão regular para obter nome do utilizar e domínio" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Formato compatível com o printf para apresentar nomes completos" @@ -129,7 +129,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "Validade da actualização da cache em segundo plano (segundos)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Validade da cache negativa (segundos)" @@ -260,1252 +260,1261 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Fornecedor de identidade" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Fornecedor de autenticação" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Fornecedor de controle de acesso" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Fornecedor de Alteração de Senha" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "ID de utilizador mínimo" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "ID de utilizador máximo" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Permitir enumeração de todos os utilizadores/grupos" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Efectuar cache de credenciais para sessões em modo desligado" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Guardar hashes da senha" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Apresentar utilizadores/grupos na forma completa" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Validade da cache (segundos)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Restringir ou preferir famílias de endereços especificas quando efectua " "consultas DNS" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Durante quanto tempo devem ser permitidas as caches de sessões entre sessões " "bem sucedidas (dias)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "Domínio IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Endereço do servidor IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Nome da máquina do cliente IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Endereço do servidor Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Reino Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Tempo de expiração da autenticação" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Directório para armazenar as caches de credenciais" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Localização da cache de credenciais dos utilizadores" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Localização da tabela de chaves (keytab) para validar credenciais" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Activar validação de credenciais" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Servidor onde está em execução o serviço de alteração de senha, se não " "coincide com o KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, O URI do servidor LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "A base DN por omissão" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "A senha expirou. Altere a sua senha agora." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "O DN por omissão para a ligação" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "O tipo de token de autenticação do bind DN por omissão" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "O token de autenticação do bind DN por omissão" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Período de tempo para tentar ligação" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tempo de espera para tentar operações LDAP síncronas" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "Tempo de espera entre tentativas para re-conectar quando desligado" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Ficheiro que contêm os certificados CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Caminho para o directório do certificado CA" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Obriga a verificação de certificados TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Especificar mecanismo sasl a utilizar" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Especifique o id sasl para utilizar na autorização" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Separador chave do serviço Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Utilizar autenticação Kerberos para ligações LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Seguir os referrals LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Tempo de espera por um pedido de pesquisa" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Período de tempo entre enumeração de actualizações" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Requer TLS para consultas de ID" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "DN base para pesquisa de utilizadores" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Âmbito das pesquisas do utilizador" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filtro para as pesquisas do utilizador" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objectclass para utilizadores" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Atributo do nome do utilizador" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "Atributo UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Atributo GID primário" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "Atributo GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Atributo da pasta pessoal" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Atributo da Shell" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Atributo principal do utilizador (para Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Nome Completo" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "Atributo memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Atributo da alteração da data" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Politica para avaliar a expiração da senha" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Lista de utilizadores autorizados separados por vírgulas" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Lista de utilizadores não autorizados separados por vírgulas" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Shell pré-definida, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Directório base para as pastas pessoais" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "O nome da biblioteca NSS a utilizar" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Stack PAM a utilizar" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Tornar-se num serviço (omissão)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Executar interactivamente (não como serviço)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Especificar um ficheiro de configuração não standard" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1687,7 +1696,7 @@ msgstr "A senha expirou. Altere a sua senha agora." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "O nível de depuração a utilizar durante a execução" @@ -1700,7 +1709,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Erro ao definir a configuração regional\n" @@ -2152,102 +2161,102 @@ msgstr "Incapaz de modificar utilizador - utilizador já é membro de grupos?\n" msgid "Transaction error. Could not modify user.\n" msgstr "Erro na transacção. Não foi possível modificar o utilizador.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/pt_BR.po b/po/pt_BR.po index fc6466c7d61..1b3922359c8 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2015-10-27 08:15+0000\n" "Last-Translator: Marco Aurélio Krause \n" "Language-Team: Portuguese (Brazil)\n" @@ -11,7 +11,7 @@ msgstr "" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" #: src/config/SSSDConfig/__init__.py.in:43 @@ -72,12 +72,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -124,7 +124,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -250,1246 +250,1254 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +msgid "Mode used to change user password" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1671,7 +1679,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1684,7 +1692,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2118,102 +2126,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/ru.po b/po/ru.po index 2e1deed2bc9..0b3833cdb94 100644 --- a/po/ru.po +++ b/po/ru.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2016-02-23 10:04+0000\n" "Last-Translator: Oleksii Levan \n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -20,7 +20,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -80,12 +80,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Тайм-аут для сообщений, отправленных через SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Регулярное выражение для разбора имени пользователя и домена" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Printf-совместимый формат для отображения полностью определённых имён" @@ -135,7 +135,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "Тайм-аут фонового обновления элемента списка кэша (в секундах)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Отрицательная длина тайм-аута кэша (в секундах)" @@ -277,1253 +277,1262 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Поставщик данных для идентификации" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Поставщик данных для проверки подлинности" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Поставщик данных для контроля доступа" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Поставщик операции смены пароля" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Минимальный ID пользователя" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Максимальный ID пользователя" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Включить перечисление всех пользователей/групп" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Кэшировать учётные данные для неинтерактивного входа" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Хранить хеши паролей" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Отображать пользователей/группы в полной форме" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Тайм-аут элемента списка кэша (в секундах)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Ограничивать или предпочитать определённое семейство адресов при выполнении " "запросов DNS" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Как долго хранить кэшированные элементы списка после последнего успешного " "входа (в днях)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "Время ожидания ответа DNS при преобразовании имён серверов (секунд)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "Доменная часть DNS-запроса поиска служб" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "Интерфейс, адрес которого будет использован для обновления DNS" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA-домен" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "адрес сервера IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "имя узла клиента IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Если требуется автоматическое обновление записи в" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "Фильтр LDAP для определения прав доступа" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Имя сервера Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Область действия Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Тайм-аут проверки подлинности" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Каталог для хранения кэшей учётных данных" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Расположения кэша учётных данных пользователей" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Расположение keytab-файла для проверки учётных данных" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Включить проверку учётных данных" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" "При отсутствии соединения сохранить пароль и пройти аутентификацию позже" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "Сервер, на котором запущена служба смены пароля (если не на KDC)" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI сервера LDAP " -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "Base DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Срок действия пароля истёк. Необходимо сейчас изменить ваш пароль." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "Тип маркера проверки подлинности для bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "Маркер проверки подлинности для bind DN по умолчанию" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Временной интервал для попытки соединения" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Временной интервал для попытки синхронизации операций LDAP" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Временной интервал между попытками возобновления соединения в автономного " "режиме" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Файл содержащий сертификаты CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Путь к каталогу с сертификатами CA" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Требуется проверка сертификата TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Укажите механизм sasl" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Укажите идентификатор авторизации sasl" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Keytab-файл службы Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Следовать ссылкам LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Время жизни TGT для LDAP-соединений" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Временной интервал, в течение которого ожидать поискового запроса" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Временной интервал между обновлениями перечисления" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Требовать TLS для запросов ID" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "Base DN для поиска" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Глубина поиска" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Фильтр поиска" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objectclass для пользователей" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Атрибут «username»" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "Атрибут «UID»" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Атрибут «primary GID»" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "Атрибут «GECOS»" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Атрибут домашнего каталога" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Атрибут оболочки" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Атрибут участника-пользователя (для Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Полное имя" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "Атрибут memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Атрибут времени изменения" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Политика вычисления окончания срока действия пароля" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Разделённый запятыми список разрешённых пользователей" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Разделённый запятыми список запрещённых пользователей" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Оболочка по умолчанию, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Место для домашних каталогов" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "Имя используемой библиотеки NSS" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Используемый стек PAM" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Запускаться в качестве службы (по умолчанию)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Запускаться интерактивно (не службой)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Указать файл конфигурации" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1707,7 +1716,7 @@ msgstr "Срок действия пароля истёк. Необходимо #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Уровень отладки для запуска" @@ -1720,7 +1729,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2169,102 +2178,102 @@ msgstr "Не удалось изменить пользователя — он msgid "Transaction error. Could not modify user.\n" msgstr "Ошибка в транзакции. Не удалось изменить пользователя.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/sssd.pot b/po/sssd.pot index 940968b2504..e351f82ffb5 100644 --- a/po/sssd.pot +++ b/po/sssd.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -75,12 +75,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -127,7 +127,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -253,1246 +253,1254 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +msgid "Mode used to change user password" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1674,7 +1682,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1687,7 +1695,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2121,102 +2129,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/sv.po b/po/sv.po index bde18a8bcc1..e193b50b75d 100644 --- a/po/sv.po +++ b/po/sv.po @@ -4,13 +4,14 @@ # # Translators: # Göran Uddeborg , 2013-2014 +# Anders Jonsson , 2018. #zanata # Göran Uddeborg , 2018. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" -"PO-Revision-Date: 2018-06-03 04:06+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" +"PO-Revision-Date: 2018-06-25 02:36+0000\n" "Last-Translator: Göran Uddeborg \n" "Language-Team: Swedish (http://www.transifex.com/projects/p/sssd/language/" "sv/)\n" @@ -19,7 +20,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -79,12 +80,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Tidsgräns för meddelanden skickade via SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Reguljäruttryck för att tolka användarnamn och domän" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Printf-kompatibla format för att visa fullständigt kvalificerade namn" @@ -102,7 +103,7 @@ msgstr "Domän att lägga till till namn utan en domändel." #: src/config/SSSDConfig/__init__.py.in:64 msgid "The user to drop privileges to" -msgstr "Användaren skall släppa behörigheter till" +msgstr "Användaren att släppa behörigheter till" #: src/config/SSSDConfig/__init__.py.in:65 msgid "Tune certificate verification" @@ -136,7 +137,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "Tidsgränslängd för bakgrundsuppdateringar av postcache (sekunder)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Tidsgränslängd för negativ cache (sekunder)" @@ -176,7 +177,7 @@ msgstr "Åsidosätt skalvärdet från identitetsleverantören med detta värde" #: src/config/SSSDConfig/__init__.py.in:83 msgid "The list of shells users are allowed to log in with" -msgstr "Listan på skal användare får lova att logga in med" +msgstr "Listan på skal användare får lov att logga in med" #: src/config/SSSDConfig/__init__.py.in:84 msgid "" @@ -266,31 +267,35 @@ msgstr "Hur många sekunder kommer pam_sss vänta på p11_child att avsluta" #: src/config/SSSDConfig/__init__.py.in:105 msgid "Which PAM services are permitted to contact application domains" -msgstr "Vilken PAM-tjänster tillåts att kontakta applikationsdomäner" +msgstr "Vilka PAM-tjänster tillåts att kontakta applikationsdomäner" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "Om tidsbaserade attribut i sudo-regler skall beräknas" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" "Om sant kommer SSSD byta tillbaka till ordningslogiken att lägre vinner" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -"Maximalt antal regler som kan som kan uppdateras samtidigt. OM detta " +"Maximalt antal regler som kan som kan uppdateras samtidigt. Om detta " "överskrids utförs en fullständig uppdatering." -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" "Om värdnamn och adresser i known_hosts-filen skall göras till kontrollsummor" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" @@ -298,56 +303,56 @@ msgstr "" "Hur många sekunder att behålla en värd i filen known_hosts efter att dess " "värdnycklar begärdes" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "Sökväg till lagring av betrodda CA-certifikat" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "Lista över UID:er eller användarnamn som tillåts komma åt PAC-svararen" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "Hur länge PAC-data betraktas som giltiga" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" "Lista över UID:er eller användarnamn som tillåts komma åt InfoPipe-svararen" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "Lista över användarattribut InfoPipe får publicera" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "Leverantören där hemligheter kommer lagras i" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "Det maximala antalet tillåtna nästlade behållare" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "Det maximala antalet hemligheter som kan lagras" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "Det maximala antalet hemligheter som kan lagras per UID" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "Den maximala laststorleken av hemligheter i kilobyte" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "URL:en Custodia-servern lyssnar på" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "Metoden att använda vid autentisering mot en Custodia-server" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" @@ -355,11 +360,11 @@ msgstr "" "Namnet på huvudena som kommer läggas till i en HTTP-begäran med värdet " "definierat i auth_header_value" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "Värdet sssd-hemligheter skulle använda till auth_header_name" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" @@ -367,27 +372,27 @@ msgstr "" "Listan över huvuden att vidarebefordra till Custodia-servern tillsammans med " "begäran" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" "Användarnamnet att använda vid autentisering mot en Custodia-server med " "basic_auth" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" "Lösenordet att använda vid autentisering mot en Custodia-server med " "basic_auth" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" "Om sant verifieras motpartens certifikat om proxy_url använder protokollet " "https" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" @@ -395,281 +400,281 @@ msgstr "" "Om falskt får motpartens certifikat innehålla ett annat värdnamn än " "proxy_url när protokollet https används" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "Sökväg till katalogen där certifikatutfärdares certifikat lagras" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "Sökväg till filen som innehåller serverns CA-certifikat" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "Sökväg till filen som innehåller klientens certifikat" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "Sökväg till filen som innehåller klientens privata nyckel" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" -msgstr "Identifiera leverantör" +msgstr "Identitetsleverantör" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Autentiseringsleverantör" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Leverantör av åtkomstkontroll" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Leverantör av lösenordsändringar" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "SUDO-leverantör" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Autofs-leverantör" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "Värdidentitetsleverantör" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "SELinux-leverantör" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "Sessionshanteringsleverantör" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "Huruvida domänen är användbar av OS:et eller av program" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Minsta användar-ID" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Största användar-ID" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Aktivera uppräkning av alla användare/grupper" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Cache-kreditiv för frånkopplad inloggning" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Lagra lösenords-kontrollsummor" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Visa användare/grupper i fullständigt kvalificerat format" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "Inkludera inte gruppmedlemmar i gruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Tidsgränslängd för postcache (sekunder)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "Begränsa eller föredra en specifik adressfamilj vid DNS-uppslagningar" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Hur länge cachade poster skall behållas efter senaste lyckade inloggning " "(dagar)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "Hur länge man väntar på svar från DNS när servrar slås upp (sekunder)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "Domändelen av DNS-frågan för tjänstedetektering" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "Åsidosätt GID-värdet från identitetsleverantören med detta värde" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "Behandla användarnamn som skiftlägeskänsliga" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "Hur ofta utgångna poster skall förnyas i bakgrunden" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "Huruvida klienternas DNS-poster uppdateras automatiskt" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "TTL:en att använda för klientens DNS-post efter att ha uppdaterat den" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" -msgstr "Gränssnittet var IP skall användas för dynamiska DNS-uppdateringar" +msgstr "Gränssnittet vars IP skall användas för dynamiska DNS-uppdateringar" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "Hur ofta klienternas DNS-poster periodiskt skall uppdateras" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "Huruvida leverantören explicit skall uppdatera PTR-posten också" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Huruvida verktyget nsupdate skall använda TCP som standard" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Vilken sorts autentisering som skall användas för att utföra DNS-" "uppdateringen" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "Åsidosätt DNS-servern som används för att utföra DNS-uppdateringen" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "Styr uppräkning av betrodda domäner" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "Hur ofta skall listan över underdomäner uppdateras" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "Lista över flaggor som skall ärvas in i en underdomän" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "Standard hemkatalogvärde för underdomäner" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "Hur länge cachade kreditiv får användas för cachad autentisering" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "Huruvida privata grupper för användare skall skapas automatiskt" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA-domän" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA-serveradress" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "Adress till reserv-IPA-server" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "IPA-klientvärdnamn" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "Sökbas för HBAC-relaterade objekt" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" "Tiden i sekunder mellan uppslagningar av SELinux-mappningar mot IPA-servern" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "Om satt till falskt kommer värdargument givna av PAM ignoreras" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "Platsen för automatmonteraren denna IPA-klient använder" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "Sökbas för objekt som innehåller information om IPA-domänen" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "Sökbas för objekt som innehåller information om ID-intervall" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "Aktivera DNS-sajter - platsbaserad detektering av tjänster" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "Sökbas för vybehållare" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "Objektklass för vybehållare" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "Attribut med namnet på vyn" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "Objektklass för åsidosättande objekt" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "Attribut med referensen till originalobjektet" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "Objektklass för användaråsidosättande objekt" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "Objektklass för gruppåsidosättande objekt" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "Sökväg för objekt relaterade till skrivbordsprofiler" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" @@ -677,54 +682,54 @@ msgstr "" "Tiden i sekunder mellan uppslagningar av skrivbordsprofilsregler mot IPA-" "servern" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" "Tiden i minuter mellan uppslagningar av skrivbordsprofilsregler mot IPA-" -"servern när det den senaste förfrågan inte hittade någon regel" +"servern när den senaste förfrågan inte hittade någon regel" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "Active Directory-domän" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "Aktivera Active Directory-domäner" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "Adress till Active Directory-server" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "Adress till Active Directory-reservserver" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "Active Directory-klientvärdnamn" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "LDAP-filter för att bestämma åtkomstprivilegier" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "Huruvida den globala katalogen skall användas för uppslagningar" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "Arbetsläge för GPO-baserad åtkomstkontroll" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "Tidsåtgången mellan uppslagningar av GPO-policyfiler mot AD-servern" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -732,7 +737,7 @@ msgstr "" "PAM-tjänstenamn som översätts till GPO-policyinställningen " "(Deny)InteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -740,255 +745,260 @@ msgstr "" "PAM-tjänstenamn som översätts till GPO-policyinställningen " "(Deny)RemoteInteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "PAM-tjänstenamn som översätts till GPO-policyinställningen " "(Deny)NetworkLogonRight" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "PAM-tjänstenamn som översätts till GPO-policyinställningen " "(Deny)BatchLogonRight" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "PAM-tjänstenamn som översätts till GPO-policyinställningen " "(Deny)ServiceLogonRight" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "PAM-tjänstenamn för vilka GPO-baserad åtkomst alltid tillåts" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "PAM-tjänstenamn för vilka GPO-baserad åtkomst alltid nekas" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Standardinloggningsrättigheter (eller permit/deny) att använda för omappade " "PAM-tjänstenamn" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "en viss sajt att användas av klienten" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "Maximal ålder i dagar innan maskinkontots lösenord skall förnyas" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "Flagga för att trimma maskinkontots förnyelseuppgift" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Adress till Kerberosserver" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "Adress till reservserver för Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Kerberosrike" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Autentiseringstidsgräns" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "Huruvida kdcinfo-filer skall skapas" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "Var konfigurationssnuttar för krb5 skall läggas" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Katalog att lagra kreditiv-cachar i" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Plats för användarens kreditiv-cache" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Plats för nyckeltabellen för att validera kreditiv" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Aktivera validering av kreditiv" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "Lagra lösenord när ej ansluten för ansluten autentisering senare" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "Förnybar livstid för TGT:n" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "Livstid för TGT:n" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "Tid mellan två kontroller av förnyelse" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Aktiverar FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "Väljer huvudman att använda för FAST" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "Aktivera kanonisk form av huvudman" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "Aktiverar företagshuvudmän" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "En översättning från användarnamn till Kerberos huvudmansnamn" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "Server där ändringstjänsten för lösenord kör om inte på KDC:n" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI:n för LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, URI:n för LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "Standard bas-DN" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Schematypen som används i LDAP-servern, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "Typen på autentiserings-token för standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "Autentiserings-token för standard bindnings-DN" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Tidslängd att försöka ansluta" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" -msgstr "Tidslängd att försök synkrona LDAP-operationer" +msgstr "Tidslängd att försöka synkrona LDAP-operationer" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "Tidslängd mellan försök att återansluta vid frånkoppling" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "Använd endast versaler för namn på riken" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Fil som innehåller CA-certifikat" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Sökväg till katalogen med CA-certifikat" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Fil som innehåller klientcertifikatet" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Fil som innehåller klientnyckeln" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Lista över möjliga chiffersviter" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Kräv TLS-certifikatverifiering" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Ange sasl-mekanismen att använda" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Ange sasl-auktorisering-id att använda" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "Ange sasl-auktoriseringsrike att använda" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Ange minsta SSF för LDAP-sasl-auktorisering" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Kerberostjänstens nyckeltabell" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" -msgstr "Använd Kerberosautentisering för LDAP-anslutningaä" +msgstr "Använd Kerberosautentisering för LDAP-anslutningar" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Följer LDAP-hänvisningar" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Livslängd på TGT för LDAP-anslutning" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Hur alias skall derefereras" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "Tjänstenamn för uppslagning av DNS-tjänster" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "Antalet poster som skall hämtas i en enda LDAP-fråga" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Antalet medlemmar som måste saknas för att orsaka en fullständig dereferering" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -996,385 +1006,387 @@ msgstr "" "Huruvida LDAP-biblioteket skall utföra en omvänd uppslagning för att ta fram " "värdnamnets kanoniska form under en SASL-bindning" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "entryUSN-attribut" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "lastUSN-attribut" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Hur länge en anslutning till LDAP-servern skall behållas före den kopplas ner" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "Avaktivera flödesstyrningen (paging) av LDAP" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "Avaktivera Active Directorys intervallhämtande" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Tidslängd att vänta på en sökbegäran" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "Tidslängd att vänta på en uppräkningsbegäran" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Tidslängd mellan uppräkningsuppdateringar" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "Tidslängd mellan cache-tömningar" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Kräv TLS för ID-uppslagningar" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" -msgstr "Använd ID-översättning av objectSID istället för pre-set ID:n" +msgstr "Använd ID-översättning av objectSID istället för förhandssatta ID:n" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "Bas-DN för användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Omfång av användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Filter för användaruppslagningar" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Objektklass för användare" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Användarnamnsattribut" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "UID-attribut" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Primärt GID-attribut" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "GECOS-attribut" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Hemkatalogattribut" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Skalattribut" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "UUID-attribut" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "objectSID-attribut" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Primärt gruppattribut i Active Directory för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Användarens huvudmansattribut (för Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Fullständigt namn" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "medlemAv-attribut" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Modifieringstidsattribut" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "attributet shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "shadowMin-attribut" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "shadowMax-attribut" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "shadowWarning-attribut" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "shadowInactive-attribut" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "shadowExpire-attribut" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "shadowFlag-attribut" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "Attribut för listning av auktoriserade PAM-tjänster" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "Attribut för listning av auktoriserade servervärdar" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "Attribut för listning av auktoriserade server-rhosts" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "attributet krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration-attribut" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "Attribut som indikerar att serversidans lösenordspolicyer är aktiva" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "AD:s attribut accountExpires" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "AD:s attribut userAccountControl" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "attributet nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "NDS attribut loginDisabled" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "NDS attribut loginExpirationTime" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "NDS attribut loginAllowedTimeMap" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "Attribut för publik SSH-nyckel" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "attribut för listning av tillåtna autentiseringstyper för en användare" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "attribut som innehåller användarens X509-certifikat" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "attribut som innehåller e-postadresser till användaren" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "En lista över extra attribut att hämta tillsammans med användarposten" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "Bas-DN för gruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "Objektklass för grupper" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Gruppnamn" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Grupplösenord" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "GID-attribut" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "Gruppmedlemsattribut" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "Grupp-UUID-attribut" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "Modifieringstidsattribut för grupper" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "Typen av grupp och andra flaggor" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "LDAP-gruppens externa medlemsattribut" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" -msgstr "Maximal nästningsnivå SSSD kommer följa" +msgstr "Maximal nästlingsnivå SSSD kommer följa" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "Bas-DN för nätgruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "Objektklass för nätgrupper" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "Nätgruppnamn" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "Attribut på nätgruppmedlemmar" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "Attribut på nätgruppstripplar" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "Modifieringstidsattribut för nätgrupper" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "Bas-DN för tjänsteuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "Objektklass för tjänster" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "Tjänstenamnsattribut" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "Tjänsteportsattribut" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "Tjänsteprotokollsattribut" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "Undre gräns för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "Övre gräns för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "Antal ID:n till varje skiva vid ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Använd en autorid-kompatibel algoritm för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "Standarddomänens namn för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "Standarddomänens SID för ID-mappning" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "Antal sekundära skivor" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för gruppuppslagningar" +msgstr "Bas-DN för gruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för init-gruppuppslagningar" +msgstr "Bas-DN för nätgruppuppslagningar" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "Huruvida Token-Groups skall användas" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Sätt undre gräns för tillåtna ID:n från LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Sätt övre gräns för tillåtna ID:n från LDAP-servern" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "DN för ppolicy-frågor" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "Hur många poster att maximalt hämta i en joker-begäran" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Policy för att utvärdera utgång av lösenord" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "Vilka attribut skall användas för att avgöra om ett konto gått ut" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "Vilka regler skall användas för att avgöra åtkomstkontroll" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI till en LDAP-server där lösenordsändringar är tillåtna" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "URI till en reserv-LDAP-server där lösenordsändringar är tillåtna" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "DNS-tjänstenamn för LDAP-lösenordsändringsservern" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1382,24 +1394,24 @@ msgstr "" "Huruvida attributet ldap_user_shadow_last_change skall uppdateras efter en " "ändring av lösenord" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "Bas-DN för regeluppslagningar" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "Intervall mellan automatisk fullständig omläsning" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "Intervall mellan automatisk smart omläsning" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Huruvida regler skall filtreras efter värdnamn, IP-adresser och nätverk" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1407,161 +1419,161 @@ msgstr "" "Värdnamn och/eller fullständigt kvalificerade domännamn på denna maskin för " "att filtrera sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4- eller IPv6-adresser eller -nätverk för denna maskin för att filtrera " "sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Huruvida regler som innehåller nätgrupper i värdattribut skall inkluderas" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Huruvida regler som innehåller reguljära uttryck i värdattribut skall " "inkluderas" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "Objektklass för sudo-regler" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "Sudo-regelnamn" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "Attribut för sudo-regelkommandon" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "Attribut för sudo-regelvärd" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "Attribut för sudo-regelanvändare" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "Attribut för sudo-regelflaggor" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "Sudo-regel-runas-attribut" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "Attribut för sudo-runasuser" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "Attribut på runasgroup i sudo-regel" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "Attribut för sudo-notbefore-regler" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "Attribut för sudo-notafter-regler" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "Attribut för sudo-order-regler" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "Objektklass för avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "Attribut för namn i avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "Objektklass för poster i avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "Attribut för postnycklar i avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "Attribut på postvärde i avbildning för automatmonteraren" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "Bas-DN för uppslagningar i avbildningar för automatmonterare" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Kommaseparerad lista över tillåtna användare" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Kommaseparerad lista över förbjudna användare" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Standardskal, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Bas för hemkataloger" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "Antal ombudsbarn före grening" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "Namnet på NSS-biblioteket att använda" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "Huruvida kanoniska gruppnamn skall slås upp från cachen om möjligt" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "PAM-stack att använda" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." -msgstr "" +msgstr "Sökväg till lösenordsfilkällor." -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." -msgstr "" +msgstr "Sökväg till gruppfilkällor." -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Bli en demon (standard)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Kör interaktivt (inte en demon)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "Avaktivera netlink-gränssnittet" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Ange en konfigurationsfil annan än standard" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "Uppdatera konfigurationsdatabasen, avsluta sedan" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Skriv ut versionsnumret och avsluta" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "SSSD kör redan\n" @@ -1579,7 +1591,7 @@ msgstr "Visa tidsstämplar med mikrosekunder" #: src/providers/krb5/krb5_child.c:3222 src/providers/ldap/ldap_child.c:611 msgid "An open file descriptor for the debug logs" -msgstr "Ett öppet filhandtag för felsökningsloggarna" +msgstr "En öppen fildeskriptor för felsökningsloggarna" #: src/providers/krb5/krb5_child.c:3225 src/providers/ldap/ldap_child.c:613 msgid "Send the debug output to stderr directly." @@ -1745,7 +1757,7 @@ msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu." #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Felsökningsnivån att köra med" @@ -1758,7 +1770,7 @@ msgstr "SSSD-domäner att använda" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Fel när lokalen sattes\n" @@ -2220,85 +2232,85 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "Transaktionsfel. Det gick inte att ändra användaren.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "Inga cache-objekt matchade den angivna sökningen\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "Kunde inte invalidera %1$s\n" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Kunde inte invalidera %1$s %2$s\n" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "Invalidera alla cachade poster" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Invalidera en viss användare" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Invalidera alla användare" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "Invalidera en viss grupp" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "Invalidera alla grupper" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "Invalidera en viss nätgrupp" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "Invalidera alla nätgrupper" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "Invalidera en viss tjänst" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "Invalidera alla tjänster" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "Invalidera en viss autofs-mapp" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "Invalidera alla autofs-mappar" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "Invalidera en viss SSH-värd" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "Invalidera alla SSH-värdar" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "Invalidera en viss sudo-regel" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "Invalidera alla cachade sudo-regler" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "Invalidera endast poster från en viss domän" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" @@ -2306,11 +2318,11 @@ msgstr "" "Oväntat argument angivet, flaggor som invaliderar ett ensamt objekt tar bara " "ett ensamt angivet argument.\n" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "Välj åtminstone ett objekt att invalidera\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2319,7 +2331,7 @@ msgstr "" "Kunde inte öppna domänen %1$s. Om domänen är en underdomän (betrodd domän), " "använd fullt kvalificerat namn istället för parametrarna --domain/-d.\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "Kunde inte öppna tillgängliga domäner\n" @@ -2672,18 +2684,16 @@ msgid "" "Check that SSSD is running and the InfoPipe responder is enabled. Make sure " "'ifp' is listed in the 'services' option in sssd.conf.\n" msgstr "" -"Kontrollera att SSSD kör och InfoPipe-respondenten är aktiverad. Se till " -"att ”ifp” listas i flaggan ”services” i sssd.conf.\n" #: src/tools/sssctl/sssctl_user_checks.c:91 -#, c-format +#, fuzzy, c-format msgid "Unable to connect to the InfoPipe" -msgstr "Kan inte ansluta till InfoPipe" +msgstr "Kan inte hugga av loggfiler\n" #: src/tools/sssctl/sssctl_user_checks.c:97 -#, c-format +#, fuzzy, c-format msgid "Unable to get user object" -msgstr "Kan inte att användarobjektet" +msgstr "Kan inte ta reda på serverlistan\n" #: src/tools/sssctl/sssctl_user_checks.c:101 #, c-format @@ -2691,9 +2701,9 @@ msgid "SSSD InfoPipe user lookup result:\n" msgstr "Resultat av SSSD InfoPipe-användaruppslagning:\n" #: src/tools/sssctl/sssctl_user_checks.c:113 -#, c-format +#, fuzzy, c-format msgid "Unable to get user name attr" -msgstr "Kan inte hämta användarnamnsattribut" +msgstr "Kan inte ta reda på serverlistan\n" #: src/tools/sssctl/sssctl_user_checks.c:146 #, c-format diff --git a/po/tg.po b/po/tg.po index e77ce96efe8..398a7f57183 100644 --- a/po/tg.po +++ b/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:48+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -17,7 +17,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -77,12 +77,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -129,7 +129,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -255,1246 +255,1254 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +msgid "Mode used to change user password" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Номи гурӯҳ" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Пароли гурӯҳ" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "Аттрибути GID" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1676,7 +1684,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1689,7 +1697,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2123,102 +2131,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/tr.po b/po/tr.po index 21f70adeba7..c5a6c09f9bd 100644 --- a/po/tr.po +++ b/po/tr.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:49+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Turkish (http://www.transifex.com/projects/p/sssd/language/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -78,12 +78,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -130,7 +130,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -256,1246 +256,1254 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "En az kullanıcı ID'si" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "En fazla kullanıcı ID'si" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA alanı" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Kerberos sunucu adresi" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +msgid "Mode used to change user password" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1677,7 +1685,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1690,7 +1698,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2124,102 +2132,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/uk.po b/po/uk.po index b76256b36b2..f06aef1872b 100644 --- a/po/uk.po +++ b/po/uk.po @@ -9,13 +9,14 @@ # Yuri Chornoivan , 2015. #zanata # Yuri Chornoivan , 2017. #zanata # Yuri Chornoivan , 2018. #zanata +# Yuri Chornoivan , 2019. #zanata msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" -"PO-Revision-Date: 2018-03-09 08:59+0000\n" -"Last-Translator: Copied by Zanata \n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" +"PO-Revision-Date: 2019-03-03 07:23+0000\n" +"Last-Translator: Yuri Chornoivan \n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" "uk/)\n" "Language: uk\n" @@ -24,7 +25,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -86,12 +87,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "Час очікування для повідомлень, надісланих за допомогою SBUS" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "Формальний вираз для обробки імені користувача і домену" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "Сумісний з printf формат показу повних назв" @@ -141,7 +142,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "Час очікування на фонове оновлення кешу записів (у секундах)" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "Від’ємний час очікування на дані з кешу (у секундах)" @@ -291,19 +292,23 @@ msgstr "" "Визначає, яким службам PAM дозволено встановлювати з'єднання із доменами " "програм" -#: src/config/SSSDConfig/__init__.py.in:108 +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" +msgstr "Дозволені служби для використання смарт-карток" + +#: src/config/SSSDConfig/__init__.py.in:109 msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" "Визначає, чи слід обробляти атрибути правил sudo, пов’язані з часовими " "обмеженнями" -#: src/config/SSSDConfig/__init__.py.in:109 +#: src/config/SSSDConfig/__init__.py.in:110 msgid "If true, SSSD will switch back to lower-wins ordering logic" msgstr "" "Якщо має значення true, SSSD перемикнеться на логіку упорядковування менший-" "кращий" -#: src/config/SSSDConfig/__init__.py.in:110 +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." @@ -311,11 +316,11 @@ msgstr "" "Максимальна кількість правил, які може бути одночасно оновлено. Якщо цю " "кількість буде перевищено, буде виконано повне оновлення." -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "Чи слід хешувати назви та адреси вузлів у файлі known_hosts" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" @@ -323,60 +328,60 @@ msgstr "" "Кількість секунд, протягом яких запису вузла зберігатиметься у файлі " "known_hosts після надсилання запиту щодо ключів вузла" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "Шлях до сховища надійних сертифікатів служб сертифікації (CA)" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" "Список унікальних ідентифікаторів (UID) або імен користувачів, яким надано " "доступ до відповідача PAC" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "Час, протягом якого дані PAC вважатимуться чинними" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" "Список унікальних ідентифікаторів (UID) або імен користувачів, яким надано " "доступ до відповідача InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "Список атрибутів запису користувача, які може оприлюднювати InfoPipe" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "Модуль надання даних, у якому будуть зберігатися реєстраційні дані" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "Максимальна дозволена кількість вкладених контейнерів" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "Максимальна кількість записів реєстраційних даних, які можна зберігати" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" "Максимальна кількість записів реєстраційних даних, які можна зберігати за UID" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "Максимальний обсяг запису реєстраційних даних у кілобайтах" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "Адреса, на якій очікує дані сервер Custodia" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "Спосіб розпізнавання сервером Custodia" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" @@ -384,11 +389,11 @@ msgstr "" "Назва заголовків, які буде додано до запиту HTTP зі значенням, яке визначено " "в auth_header_value" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "Значення, яке sssd-secrets має використовувати для auth_header_name" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" @@ -396,27 +401,27 @@ msgstr "" "Список заголовків, які слід переспрямувати до сервера Custodia разом із " "запитом" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" "Ім'я користувача, яким слід скористатися для розпізнавання на сервері " "Custodia з використанням basic_auth" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" "Пароль, яким слід скористатися для розпізнавання на сервері Custodia з " "використанням basic_auth" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" "Якщо має значення true, сертифікат вузла перевірятиметься, якщо proxy_url " "використовує протокол https" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" @@ -424,308 +429,308 @@ msgstr "" "Якщо має значення false, сертифікат вузла може містити іншу назву вузла ніж " "proxy_url, якщо використано протокол https" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "Шлях до каталогу, у якому зберігаються сертифікати служби сертифікації" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" "Шлях до файла, у якому міститься сертифікат служби сертифікації (CA) сервера" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "Шлях до файла, у якому міститься сертифікат клієнта" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "Шлях до файла, у якому міститься закритий ключ клієнта" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "Служба профілів" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "Служба розпізнавання" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "Служба керування доступом" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "Служба зміни паролів" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "Служба SUDO" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "Служба автоматизації файлових систем" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "Служба профілів вузлів" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "Надавач даних SELinux" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "Засіб керування сеансами" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" "Визначає, чи можна використовувати домен у операційній системі або у " "програмах" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "Мін. ідентифікатор користувача" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "Макс. ідентифікатор користувача" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "Увімкнути нумерацію всіх користувачів/груп" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "Кешувати реєстраційні дані для автономного входу" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "Зберігати хеші паролів" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "Показувати записи користувачів/груп повністю" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "Не включати учасників групи у пошуки групи" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "Тривалість кешування записів (у секундах)" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" "Обмежити або надавати перевагу певному сімейству адрес під час виконання " "пошуків DNS" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" "Тривалість зберігання кешованих записів після останнього успішного входу (у " "днях)" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" "Тривалість очікування на відповідь від DNS під час визначення адрес серверів " "(у секундах)" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "Частина запиту щодо виявлення служби DNS, пов’язана з доменом" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" "Замінити значення ідентифікатора групи від надавача профілю цим значенням" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "Враховувати регістр у іменах користувачів" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "Наскільки часто має виконувати оновлення у тлі застарілих записів" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "Визначає, чи слід автоматично оновлювати запис DNS клієнта" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" "TTL, який слід застосовувати до запису DNS клієнта після його оновлення" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "Визначає, наскільки часто слід періодично оновлювати запис DNS клієнта" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" "Визначає, чи слід надавачу даних також явним чином оновлювати запис PTR" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Визначає, чи слід програмі nsupdate типово використовувати TCP" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Визначає тип розпізнавання, який слід використовувати для виконання " "оновлення DNS" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" "Перевизначити сервер DNS, який використовуватиметься для виконання оновлення " "DNS" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "Керувати нумерацією надійних доменів" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "Частота оновлення списку піддоменів" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "Список параметрів, які має бути успадковано у піддомені" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "Типове значення домашнього каталогу для піддоменів" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" "Строк, протягом якого кешовані реєстраційні дані може бути використано для " "розпізнавання за кешем" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" "Визначає, чи слід автоматично створювати приватні групи для користувачів" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "Домен IPA" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "Адреса сервера IPA" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "Адреса резервного сервера IPA" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "Назва вузла клієнта IPA" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у " "FreeIPA" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "Шукати у базі об’єкти, пов’язані з HBAC" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" "Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "Час, у секундах, між пошуками у картах SELinux на сервері IPA" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Якщо встановлено значення «false», аргумент вузла, наданий PAM, буде " "проігноровано" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "Адреса автоматичного монтування, яку використовує цей клієнт IPA" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "Шукати у базі об’єкт, що містить дані щодо домену IPA" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "Шукати у базі об’єкти, що містять дані щодо діапазонів ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "Увімкнути сайти DNS — визначення служб на основі адрес" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "Шукати у базі контейнери перегляду" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "Клас об’єктів для контейнерів перегляду" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "Атрибут із назвою перегляду" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "Клас об’єктів для об’єктів перевизначення" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "Атрибут із посиланням на початковий об’єкт" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "Клас об’єктів для об’єктів перевизначення користувачів" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "Клас об’єктів для об’єктів перевизначення груп" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "Шукати у базі пов'язані і профілями станцій об'єкти" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" "Час, у секундах, між пошуками у правилах профілів станцій на сервері IPA" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" @@ -733,47 +738,47 @@ msgstr "" "Час, у хвилинах, між пошуками у правилах профілів станцій на сервері IPA, " "якщо під час останнього запиту не було знайдено жодного правила" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "Домен Active Directory" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "Увімкнені домени Active Directory" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "Адреса сервера Active Directory" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "Адреса резервного сервера Active Directory" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "Назва клієнтського вузла Active Directory" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "Фільтр LDAP для визначення прав доступу" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "Чи слід використовувати загальний каталог для пошуку" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "Режим роботи для керування доступом на основі GPO" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" "Інтервал часу між послідовними сеансами пошуку правил GPO на сервері AD" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -781,7 +786,7 @@ msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)InteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -789,264 +794,269 @@ msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)RemoteInteractiveLogonRight" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)NetworkLogonRight" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)BatchLogonRight" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Назви служб PAM, які виконують прив’язування до параметрів правил GPO " "(Deny)ServiceLogonRight" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "Назви служб PAM, яким завжди надається доступ на основі GPO" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "Назви служб PAM, яким ніколи не надається доступ на основі GPO" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Типове правило входу (або допуск/заборона), яким слід користуватися для " "неприв’язаних назв служб PAM" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "певний сайт, який слід використовувати клієнту" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" "Максимальний вік пароля облікового запису комп'ютера, при досягненні якого " "пароль має бути оновлено" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" "Параметр налаштовування завдання оновлення облікових записів комп’ютерів" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Адреса сервера Kerberos" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "Адреса резервного сервера Kerberos" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "Область Kerberos" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "Час очікування на розпізнавання" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "Визначає, чи слід створювати файли kdcinfo" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "Місце, куди слід скидати фрагменти налаштувань krb5" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "Каталог, де зберігатиметься кеш реєстраційних даних" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "Адреса кешу реєстраційних даних користувача" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "Адреса таблиці ключів для перевірки реєстраційних даних" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "Увімкнути перевірку реєстраційних даних" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "Зберігати пароль у автономному режимі для розпізнавання у мережі" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "Поновлюваний строк дії TGT" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "Строк дії TGT" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "Граничний час між двома перевірками для поновлення" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "Вмикає FAST" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "Визначає реєстраційний запис, який слід використовувати для FAST" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "Вмикає перетворення реєстраційних записів у канонічну форму" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "Увімкнути промислові реєстраційні дані" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "Прив’язка імен користувачів до основних імен Kerberos" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Сервер, на якому запущено службу зміни паролів, якщо такий не вдасться " "виявити у KDC" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, адреса URI сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, адреса сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "Типова базова назва домену" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Тип схеми, використаний на сервері LDAP, rfc2307" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "Строк дії пароля вичерпано. Змініть ваш пароль." + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "Типова назва домену прив’язки" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "Тип розпізнавання для типової назви сервера прив’язки" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "Лексема розпізнавання типової назви сервера прив’язки" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "Проміжок часу між спробами встановлення з’єднання" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Проміжок часу між повторними спробами встановлення з’єднання у автономному " "режимі" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "Використовувати для назв областей лише великі літери" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "Файл, що містить сертифікати CA" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "Шлях до каталогу сертифікатів CA" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "Файл, що містить клієнтський сертифікат" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "Файл, що містить клієнтський ключ" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "Показати список можливих інструментів шифрування" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "Потрібна перевірка сертифіката TLS" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "Вкажіть механізм SASL, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "Вкажіть область уповноваження SASL, яку слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" "Вказати мінімальне значення SSF для розпізнавання на LDAP за допомогою sasl" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "Таблиця ключів служби Kerberos" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "Розпізнавання Kerberos для з’єднання LDAP" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "Переходити за посиланнями LDAP" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "Строк дії TGT для з’єднання LDAP" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "Спосіб розіменування псевдонімів" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "Назва служби для пошуків за допомогою служби DNS" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "Кількість записів, які слід отримувати у відповідь на один запит LDAP" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Кількість учасників, яких має не вистачати для вмикання повного скасування " "посилань" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1054,400 +1064,400 @@ msgstr "" "Визначає, чи має бібліотека LDAP виконувати зворотній пошук з метою " "переведення назв вузлів у канонічну форму під час прив’язки до SASL" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "Атрибут entryUSN" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "Атрибут lastUSN" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "Тривалість підтримування з’єднання з сервером LDAP перед роз’єднанням" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "Вимкнути контроль сторінок у LDAP" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "Вимкнути отримання діапазонів Active Directory" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "Тривалість очікування на дані запиту пошуку" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "Тривалість очікування на дані запиту щодо переліку" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "Проміжок часу між оновленнями нумерації" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "Проміжок часу між спорожненнями кешу" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "Вимагати TLS для пошуків ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Використовувати відповідності ідентифікаторів objectSID замість попередньо " "встановлених ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "Базова назва домену для пошуків користувачів" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "Діапазон пошуків користувачів" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "Фільтр пошуку користувачів" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "Клас об’єктів для користувачів" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "Атрибут імені користувача" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "Атрибут UID" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "Головний атрибут GID" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "Атрибут GECOS" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "Атрибут домашнього каталогу" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "Атрибут оболонки" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "Атрибут UUID" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "Атрибут objectSID" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" "Атрибут основної групи Active Directory для встановлення відповідності " "ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "Атрибут реєстраційного запису користувача (для Kerberos)" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "Повне ім'я" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "Атрибут memberOf" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "Атрибут часу зміни" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "Атрибут shadowLastChange" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "Атрибут shadowMin" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "Атрибут shadowMax" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "Атрибут shadowWarning" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "Атрибут shadowInactive" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "Атрибут shadowExpire" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "Атрибут shadowFlag" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "Атрибути зі списком уповноважених служб PAM" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "Атрибути зі списком уповноважених серверних вузлів" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "Атрибути зі списком уповноважених серверних r-вузлів" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "Атрибут krbLastPwdChange" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "Атрибут krbPasswordExpiration" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" "Атрибут, що відповідає за активізацію правил обробки паролів на боці сервера" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "Атрибут accountExpires AD" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "Атрибут userAccountControl AD" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "Атрибут nsAccountLock" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "Атрибут loginDisabled NDS" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "Атрибут loginExpirationTime NDS" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "Атрибут loginAllowedTimeMap NDS" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "Атрибут відкритого ключа SSH" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "атрибут зі списком дозволених типів розпізнавання для користувача" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "атрибут, що містить сертифікат X509 користувача" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "атрибут, що містить адресу електронної пошти користувача" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Список додаткових атрибутів, які слід отримувати разом із записом користувача" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "Базова назва домену для пошуків груп" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "Клас об’єктів для груп" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "Назва групи" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "Пароль групи" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "Атрибут GID" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "Атрибут членства у групі" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "Атрибут UUID групи" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "Атрибут часу зміни для груп" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "Тип групи та інші прапорці" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "Атрибут групи LDAP зовнішнього учасника" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "Базова назва домену для пошуків груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "Клас об’єктів для груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "Назва мережевої групи" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "Атрибут членства у групах у мережі" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "Атрибут трійки груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "Атрибут часу зміни для мережевих груп" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "Базова сервер назв домену для пошуку служб" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "Клас об’єктів для служб" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "Атрибут назви служби" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "Атрибут порту служби" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "Атрибут протоколу служби" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "Нижня межа встановлення відповідності ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "Верхня межа встановлення відповідності ідентифікатора" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" "Кількість ідентифікаторів для кожного зрізу під час встановлення " "відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" "Використовувати для встановлення відповідності ідентифікаторів алгоритм, " "сумісний з autorid" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "Назва типового домену для встановлення відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "SID типового домену для встановлення відповідності ідентифікаторів" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "Кількість вторинних зрізів" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" -msgstr "Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків груп (group)" +msgstr "Базова назва домену для пошуків груп" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 +#, fuzzy msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" -msgstr "" -"Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків початкових груп " -"(initgroup)" +msgstr "Базова назва домену для пошуків груп у мережі" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "Визначає, чи слід використовувати крупи реєстраційних записів" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Встановити нижню межу для дозволених ідентифікаторів із сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Встановити верхню межу для дозволених ідентифікаторів із сервера LDAP" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "DN для запитів щодо ppolicy" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" "Максимальна кількість записів для отримання під час обробки запитів із " "замінниками" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "Правила оцінки завершення строку дії пароля" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Атрибути які слід використовувати для визначення чинності облікового запису" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" "Правила, які має бути використано для визначення достатності прав доступу" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "Адреса резервного сервера LDAP, для якої можливі зміни паролів" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "Назва у службі DNS сервера зміни паролів LDAP" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1455,25 +1465,25 @@ msgstr "" "Визначає, чи слід оновлювати атрибут ldap_user_shadow_last_change після " "зміни пароля" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "Базова назва домену для пошуків правил sudo" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "Період автоматичного повного оновлення даних" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "Період автоматичного кмітливого оновлення даних" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" "Визначає, чи слід фільтрувати правила за назвами вузлів, IP-адресами та " "мережами" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1481,165 +1491,165 @@ msgstr "" "Назви вузлів і/або повні назви у домені для цього комп’ютера для " "фільтрування списку правил sudo" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Адреси IPv4 або IPv6 чи мережа цього комп’ютера для фільтрування списку " "правил sudo" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Визначає, чи слід включати правила, що містять мережеву групу у атрибуті " "вузла" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Визначає, чи слід включати правила, що містять формальний вираз у атрибуті " "вузла" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "Клас об’єктів для правил sudo" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "Назва правила sudo" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "Атрибут команди правила sudo" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "Атрибут вузла правила sudo" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "Атрибут користувача правила sudo" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "Атрибут параметрів правила sudo" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "Атрибут runas правила sudo" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" "Атрибут користувача, від імені якого виконуватиметься запуск, правила sudo" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "Атрибут групи, від імені якої виконуватиметься запуск, правила sudo" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "Атрибут граничного часу початку дії правила sudo" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "Атрибут граничного часу завершення дії правила sudo" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "Атрибут порядку правила sudo" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "Клас об’єктів для карт автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "Атрибут назви карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "Клас об’єктів для записів карт автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "Атрибут ключа запису карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "Атрибут значення запису карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "Базовий сервер назв домену для пошуків карти автоматичного монтування" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "Відокремлений комами список дозволених користувачів" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "Відокремлений комами список заборонених користувачів" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "Типова оболонка, /bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "Базова адреса домашніх каталогів" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "Кількість попередньо відгалужених дочірніх проксі-записів." -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "Назва бібліотеки NSS, яку слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Визначає, чи слід виконувати пошук канонічної назви групи у кеші, якщо це " "можливо" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "Стек PAM, який слід використовувати" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." -msgstr "" +msgstr "Шлях до початкового тексту файла passwd." -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." -msgstr "" +msgstr "Шлях до початкового тексту файла group." -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "Запуститися фонову службу (типова поведінка)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "Запустити у інтерактивному режимі (без фонової служби)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "Вимкнути інтерфейс netlink" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "Вказати нетиповий файл налаштувань" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "Оновити налаштування бази даних, потім вийти" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "Вивести номер версії і завершити роботу" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "SSSD вже запущено\n" @@ -1824,7 +1834,7 @@ msgstr "Строк дії пароля вичерпано. Змініть ваш #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "Рівень діагностики під час запуску" @@ -1837,7 +1847,7 @@ msgstr "Домен SSSD, який слід використовувати" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "Помилка під час спроби встановити локаль\n" @@ -1859,7 +1869,7 @@ msgstr "Порт, яким слід користуватися для встан #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:210 msgid "Print the host ssh public keys" -msgstr "" +msgstr "Вивести відкриті ключі SSH вузла" #: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:252 msgid "Invalid port\n" @@ -2310,85 +2320,85 @@ msgid "Transaction error. Could not modify user.\n" msgstr "" "Помилка під час виконання операції. Не вдалося змінити запис користувача.\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "Вказаному критерію пошуку не відповідає жоден об’єкт у кеші\n" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "Не вдалося скасувати чинність %1$s\n" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "Не вдалося скасувати чинність %1$s %2$s\n" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "Скасувати чинність усіх кешованих записів" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "Скасувати визначення певного користувача" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "Скасувати визначення всіх користувачів" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "Скасувати визначення певної групи" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "Скасувати визначення всіх груп" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "Скасувати визначення певної мережевої групи" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "Скасувати визначення всіх мережевих груп" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "Скасувати визначення певної служби" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "Скасувати визначення всіх служб" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "Скасувати визначення певну карту autofs" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "Скасувати визначення всіх карт autofs" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "Скасувати чинність певного вузла SSH" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "Скасувати чинність усіх вузлів SSH" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "Скасувати чинність певного правила sudo" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "Скасувати чинність усіх кешованих правил sudo" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "Скасувати визначення лише записів з певного домену" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" @@ -2396,12 +2406,12 @@ msgstr "" "Надано неочікувані аргументи. Параметри, які скасовують чинність окремого " "об'єкта вимагають лише одного наданого аргументу.\n" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" "Будь ласка, виберіть принаймні один об’єкт для скасовування відповідності\n" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " @@ -2410,7 +2420,7 @@ msgstr "" "Не вдалося відкрити домен %1$s. Якщо цей домен є піддоменом (довіреним " "доменом), скористайтеся повною назвою замість параметра --domain/-d.\n" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "Не вдалося відкрити доступні домени\n" @@ -2764,18 +2774,17 @@ msgid "" "Check that SSSD is running and the InfoPipe responder is enabled. Make sure " "'ifp' is listed in the 'services' option in sssd.conf.\n" msgstr "" -"Перевірте, чи запущено SSSD і чи увімкнено відповідач InfoPipe. " -"Переконайтеся, що у списку параметра «services» у sssd.conf є запис «ifp».\n" #: src/tools/sssctl/sssctl_user_checks.c:91 -#, c-format +#, fuzzy, c-format msgid "Unable to connect to the InfoPipe" -msgstr "Не вдалося встановити з'єднання із InfoPipe" +msgstr "" +"Не вдалося встановити з'єднання із системним каналом передавання даних!\n" #: src/tools/sssctl/sssctl_user_checks.c:97 -#, c-format +#, fuzzy, c-format msgid "Unable to get user object" -msgstr "Не вдалося отримати об'єкт користувача" +msgstr "Не вдалося отримати список серверів\n" #: src/tools/sssctl/sssctl_user_checks.c:101 #, c-format @@ -2783,9 +2792,9 @@ msgid "SSSD InfoPipe user lookup result:\n" msgstr "Результат пошуку користувача у InfoPipe SSSD:\n" #: src/tools/sssctl/sssctl_user_checks.c:113 -#, c-format +#, fuzzy, c-format msgid "Unable to get user name attr" -msgstr "Не вдалося отримати атрибут імені користувача" +msgstr "Не вдалося отримати список серверів\n" #: src/tools/sssctl/sssctl_user_checks.c:146 #, c-format @@ -3029,3 +3038,16 @@ msgstr "Інформує про те, що на відповідачі заді #: src/util/util.h:87 msgid "Informs that the responder has been dbus-activated" msgstr "Інформує про те, що на відповідачі задіяно D-Bus" + +#~ msgid "Additional timeout to wait for a card if requested" +#~ msgstr "Додатковий час очікування на картку, якщо надійде запит" + +#~ msgid "" +#~ "PKCS#11 URI to restrict the selection of devices for Smartcard " +#~ "authentication" +#~ msgstr "" +#~ "Адреса PKCS#11 для обмеження переліку пристроїв для розпізнавання за " +#~ "смарт-карткою" + +#~ msgid "Similar to --genconf, but only refreshes the given section" +#~ msgstr "Подібний до --genconf, але оновлює дані лише вказаного розділу" diff --git a/po/zh_CN.po b/po/zh_CN.po index c99de03723d..c75d8edf216 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:50+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -78,12 +78,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -130,7 +130,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -256,1246 +256,1254 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" -msgstr "保存密码哈希值" +msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA 服务器地址" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "IPA 备份服务器地址" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Kerberos 服务器地址" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "验证超时" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +msgid "Mode used to change user password" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1677,7 +1685,7 @@ msgstr "" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1690,7 +1698,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "" @@ -2124,102 +2132,102 @@ msgstr "" msgid "Transaction error. Could not modify user.\n" msgstr "" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/po/zh_TW.po b/po/zh_TW.po index 9a2ac19974b..b19680d93ec 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2018-08-12 13:03+0000\n" +"POT-Creation-Date: 2019-03-20 22:07+0100\n" "PO-Revision-Date: 2014-12-14 11:50+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/projects/p/sssd/" @@ -17,7 +17,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #: src/config/SSSDConfig/__init__.py.in:43 #: src/config/SSSDConfig/__init__.py.in:44 @@ -77,12 +77,12 @@ msgid "Timeout for messages sent over the SBUS" msgstr "" #: src/config/SSSDConfig/__init__.py.in:60 -#: src/config/SSSDConfig/__init__.py.in:197 +#: src/config/SSSDConfig/__init__.py.in:198 msgid "Regex to parse username and domain" msgstr "用來解析使用者名稱與網域的正規表示式" #: src/config/SSSDConfig/__init__.py.in:61 -#: src/config/SSSDConfig/__init__.py.in:196 +#: src/config/SSSDConfig/__init__.py.in:197 msgid "Printf-compatible format for displaying fully-qualified names" msgstr "" @@ -129,7 +129,7 @@ msgid "Entry cache background update timeout length (seconds)" msgstr "" #: src/config/SSSDConfig/__init__.py.in:74 -#: src/config/SSSDConfig/__init__.py.in:113 +#: src/config/SSSDConfig/__init__.py.in:114 msgid "Negative cache timeout length (seconds)" msgstr "" @@ -255,1246 +255,1255 @@ msgstr "" msgid "Which PAM services are permitted to contact application domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:108 -msgid "Whether to evaluate the time-based attributes in sudo rules" +#: src/config/SSSDConfig/__init__.py.in:106 +msgid "Allowed services for using smartcards" msgstr "" #: src/config/SSSDConfig/__init__.py.in:109 -msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgid "Whether to evaluate the time-based attributes in sudo rules" msgstr "" #: src/config/SSSDConfig/__init__.py.in:110 +msgid "If true, SSSD will switch back to lower-wins ordering logic" +msgstr "" + +#: src/config/SSSDConfig/__init__.py.in:111 msgid "" "Maximum number of rules that can be refreshed at once. If this is exceeded, " "full refresh is performed." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:116 +#: src/config/SSSDConfig/__init__.py.in:117 msgid "Whether to hash host names and addresses in the known_hosts file" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:117 +#: src/config/SSSDConfig/__init__.py.in:118 msgid "" "How many seconds to keep a host in the known_hosts file after its host keys " "were requested" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:118 +#: src/config/SSSDConfig/__init__.py.in:119 msgid "Path to storage of trusted CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:121 +#: src/config/SSSDConfig/__init__.py.in:122 msgid "List of UIDs or user names allowed to access the PAC responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:122 +#: src/config/SSSDConfig/__init__.py.in:123 msgid "How long the PAC data is considered valid" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:125 +#: src/config/SSSDConfig/__init__.py.in:126 msgid "List of UIDs or user names allowed to access the InfoPipe responder" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:126 +#: src/config/SSSDConfig/__init__.py.in:127 msgid "List of user attributes the InfoPipe is allowed to publish" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:129 +#: src/config/SSSDConfig/__init__.py.in:130 msgid "The provider where the secrets will be stored in" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:130 +#: src/config/SSSDConfig/__init__.py.in:131 msgid "The maximum allowed number of nested containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:131 +#: src/config/SSSDConfig/__init__.py.in:132 msgid "The maximum number of secrets that can be stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:132 +#: src/config/SSSDConfig/__init__.py.in:133 msgid "The maximum number of secrets that can be stored per UID" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:133 +#: src/config/SSSDConfig/__init__.py.in:134 msgid "The maximum payload size of a secret in kilobytes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:135 +#: src/config/SSSDConfig/__init__.py.in:136 msgid "The URL Custodia server is listening on" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:136 +#: src/config/SSSDConfig/__init__.py.in:137 msgid "The method to use when authenticating to a Custodia server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:137 +#: src/config/SSSDConfig/__init__.py.in:138 msgid "" "The name of the headers that will be added into a HTTP request with the " "value defined in auth_header_value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:138 +#: src/config/SSSDConfig/__init__.py.in:139 msgid "The value sssd-secrets would use for auth_header_name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:139 +#: src/config/SSSDConfig/__init__.py.in:140 msgid "" "The list of the headers to forward to the Custodia server together with the " "request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:140 +#: src/config/SSSDConfig/__init__.py.in:141 msgid "" "The username to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:141 +#: src/config/SSSDConfig/__init__.py.in:142 msgid "" "The password to use when authenticating to a Custodia server using basic_auth" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:142 +#: src/config/SSSDConfig/__init__.py.in:143 msgid "If true peer's certificate is verified if proxy_url uses https protocol" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:143 +#: src/config/SSSDConfig/__init__.py.in:144 msgid "" "If false peer's certificate may contain different hostname than proxy_url " "when https protocol is used" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:144 +#: src/config/SSSDConfig/__init__.py.in:145 msgid "Path to directory where certificate authority certificates are stored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:145 +#: src/config/SSSDConfig/__init__.py.in:146 msgid "Path to file containing server's CA certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:146 +#: src/config/SSSDConfig/__init__.py.in:147 msgid "Path to file containing client's certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:147 +#: src/config/SSSDConfig/__init__.py.in:148 msgid "Path to file containing client's private key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:150 +#: src/config/SSSDConfig/__init__.py.in:151 msgid "Identity provider" msgstr "身分提供者" -#: src/config/SSSDConfig/__init__.py.in:151 +#: src/config/SSSDConfig/__init__.py.in:152 msgid "Authentication provider" msgstr "認證提供者" -#: src/config/SSSDConfig/__init__.py.in:152 +#: src/config/SSSDConfig/__init__.py.in:153 msgid "Access control provider" msgstr "存取控制提供者" -#: src/config/SSSDConfig/__init__.py.in:153 +#: src/config/SSSDConfig/__init__.py.in:154 msgid "Password change provider" msgstr "密碼變更提供者" -#: src/config/SSSDConfig/__init__.py.in:154 +#: src/config/SSSDConfig/__init__.py.in:155 msgid "SUDO provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:155 +#: src/config/SSSDConfig/__init__.py.in:156 msgid "Autofs provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:156 +#: src/config/SSSDConfig/__init__.py.in:157 msgid "Host identity provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:157 +#: src/config/SSSDConfig/__init__.py.in:158 msgid "SELinux provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:158 +#: src/config/SSSDConfig/__init__.py.in:159 msgid "Session management provider" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:161 +#: src/config/SSSDConfig/__init__.py.in:162 msgid "Whether the domain is usable by the OS or by applications" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:162 +#: src/config/SSSDConfig/__init__.py.in:163 msgid "Minimum user ID" msgstr "最小的使用者 ID" -#: src/config/SSSDConfig/__init__.py.in:163 +#: src/config/SSSDConfig/__init__.py.in:164 msgid "Maximum user ID" msgstr "最大的使用者 ID" -#: src/config/SSSDConfig/__init__.py.in:164 +#: src/config/SSSDConfig/__init__.py.in:165 msgid "Enable enumerating all users/groups" msgstr "啟用所有使用者或群組的列舉" -#: src/config/SSSDConfig/__init__.py.in:165 +#: src/config/SSSDConfig/__init__.py.in:166 msgid "Cache credentials for offline login" msgstr "供離線登入使用的快取憑證" -#: src/config/SSSDConfig/__init__.py.in:166 +#: src/config/SSSDConfig/__init__.py.in:167 msgid "Store password hashes" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:167 +#: src/config/SSSDConfig/__init__.py.in:168 msgid "Display users/groups in fully-qualified form" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:168 +#: src/config/SSSDConfig/__init__.py.in:169 msgid "Don't include group members in group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:169 -#: src/config/SSSDConfig/__init__.py.in:176 +#: src/config/SSSDConfig/__init__.py.in:170 #: src/config/SSSDConfig/__init__.py.in:177 #: src/config/SSSDConfig/__init__.py.in:178 #: src/config/SSSDConfig/__init__.py.in:179 #: src/config/SSSDConfig/__init__.py.in:180 #: src/config/SSSDConfig/__init__.py.in:181 +#: src/config/SSSDConfig/__init__.py.in:182 msgid "Entry cache timeout length (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:170 +#: src/config/SSSDConfig/__init__.py.in:171 msgid "" "Restrict or prefer a specific address family when performing DNS lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:171 +#: src/config/SSSDConfig/__init__.py.in:172 msgid "How long to keep cached entries after last successful login (days)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:172 +#: src/config/SSSDConfig/__init__.py.in:173 msgid "How long to wait for replies from DNS when resolving servers (seconds)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:173 +#: src/config/SSSDConfig/__init__.py.in:174 msgid "The domain part of service discovery DNS query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:174 +#: src/config/SSSDConfig/__init__.py.in:175 msgid "Override GID value from the identity provider with this value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:175 +#: src/config/SSSDConfig/__init__.py.in:176 msgid "Treat usernames as case sensitive" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:182 +#: src/config/SSSDConfig/__init__.py.in:183 msgid "How often should expired entries be refreshed in background" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:183 +#: src/config/SSSDConfig/__init__.py.in:184 msgid "Whether to automatically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:184 -#: src/config/SSSDConfig/__init__.py.in:206 +#: src/config/SSSDConfig/__init__.py.in:185 +#: src/config/SSSDConfig/__init__.py.in:207 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:185 -#: src/config/SSSDConfig/__init__.py.in:207 +#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:208 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:186 +#: src/config/SSSDConfig/__init__.py.in:187 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:187 +#: src/config/SSSDConfig/__init__.py.in:188 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:188 +#: src/config/SSSDConfig/__init__.py.in:189 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:189 +#: src/config/SSSDConfig/__init__.py.in:190 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:190 +#: src/config/SSSDConfig/__init__.py.in:191 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:191 +#: src/config/SSSDConfig/__init__.py.in:192 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:192 +#: src/config/SSSDConfig/__init__.py.in:193 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:193 +#: src/config/SSSDConfig/__init__.py.in:194 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:194 +#: src/config/SSSDConfig/__init__.py.in:195 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:195 +#: src/config/SSSDConfig/__init__.py.in:196 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:198 +#: src/config/SSSDConfig/__init__.py.in:199 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:201 +#: src/config/SSSDConfig/__init__.py.in:202 msgid "IPA domain" msgstr "IPA 網域" -#: src/config/SSSDConfig/__init__.py.in:202 +#: src/config/SSSDConfig/__init__.py.in:203 msgid "IPA server address" msgstr "IPA 伺服器位址" -#: src/config/SSSDConfig/__init__.py.in:203 +#: src/config/SSSDConfig/__init__.py.in:204 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:204 +#: src/config/SSSDConfig/__init__.py.in:205 msgid "IPA client hostname" msgstr "IPA 客戶端主機名稱" -#: src/config/SSSDConfig/__init__.py.in:205 +#: src/config/SSSDConfig/__init__.py.in:206 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:208 +#: src/config/SSSDConfig/__init__.py.in:209 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:209 +#: src/config/SSSDConfig/__init__.py.in:210 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:210 +#: src/config/SSSDConfig/__init__.py.in:211 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:211 +#: src/config/SSSDConfig/__init__.py.in:212 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:212 +#: src/config/SSSDConfig/__init__.py.in:213 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:213 +#: src/config/SSSDConfig/__init__.py.in:214 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:214 +#: src/config/SSSDConfig/__init__.py.in:215 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:215 -#: src/config/SSSDConfig/__init__.py.in:233 +#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:234 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:216 +#: src/config/SSSDConfig/__init__.py.in:217 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:217 +#: src/config/SSSDConfig/__init__.py.in:218 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:218 +#: src/config/SSSDConfig/__init__.py.in:219 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:219 +#: src/config/SSSDConfig/__init__.py.in:220 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:220 +#: src/config/SSSDConfig/__init__.py.in:221 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:221 +#: src/config/SSSDConfig/__init__.py.in:222 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:222 +#: src/config/SSSDConfig/__init__.py.in:223 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:223 +#: src/config/SSSDConfig/__init__.py.in:224 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:224 +#: src/config/SSSDConfig/__init__.py.in:225 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:225 +#: src/config/SSSDConfig/__init__.py.in:226 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:228 +#: src/config/SSSDConfig/__init__.py.in:229 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:229 +#: src/config/SSSDConfig/__init__.py.in:230 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:230 +#: src/config/SSSDConfig/__init__.py.in:231 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:231 +#: src/config/SSSDConfig/__init__.py.in:232 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:232 +#: src/config/SSSDConfig/__init__.py.in:233 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:234 -#: src/config/SSSDConfig/__init__.py.in:420 +#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:422 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:235 +#: src/config/SSSDConfig/__init__.py.in:236 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:236 +#: src/config/SSSDConfig/__init__.py.in:237 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:237 +#: src/config/SSSDConfig/__init__.py.in:238 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:238 +#: src/config/SSSDConfig/__init__.py.in:239 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:239 +#: src/config/SSSDConfig/__init__.py.in:240 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:240 +#: src/config/SSSDConfig/__init__.py.in:241 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:241 +#: src/config/SSSDConfig/__init__.py.in:242 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:242 +#: src/config/SSSDConfig/__init__.py.in:243 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:243 +#: src/config/SSSDConfig/__init__.py.in:244 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:244 +#: src/config/SSSDConfig/__init__.py.in:245 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:245 +#: src/config/SSSDConfig/__init__.py.in:246 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:246 +#: src/config/SSSDConfig/__init__.py.in:247 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:247 +#: src/config/SSSDConfig/__init__.py.in:248 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:248 +#: src/config/SSSDConfig/__init__.py.in:249 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:251 #: src/config/SSSDConfig/__init__.py.in:252 +#: src/config/SSSDConfig/__init__.py.in:253 msgid "Kerberos server address" msgstr "Kerberos 伺服器位址" -#: src/config/SSSDConfig/__init__.py.in:253 +#: src/config/SSSDConfig/__init__.py.in:254 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:254 +#: src/config/SSSDConfig/__init__.py.in:255 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:255 +#: src/config/SSSDConfig/__init__.py.in:256 msgid "Authentication timeout" msgstr "認證逾時" -#: src/config/SSSDConfig/__init__.py.in:256 +#: src/config/SSSDConfig/__init__.py.in:257 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:257 +#: src/config/SSSDConfig/__init__.py.in:258 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:260 +#: src/config/SSSDConfig/__init__.py.in:261 msgid "Directory to store credential caches" msgstr "儲存憑證快取的目錄" -#: src/config/SSSDConfig/__init__.py.in:261 +#: src/config/SSSDConfig/__init__.py.in:262 msgid "Location of the user's credential cache" msgstr "使用者憑證快取的位置" -#: src/config/SSSDConfig/__init__.py.in:262 +#: src/config/SSSDConfig/__init__.py.in:263 msgid "Location of the keytab to validate credentials" msgstr "驗證憑證用的金鑰表格位置" -#: src/config/SSSDConfig/__init__.py.in:263 +#: src/config/SSSDConfig/__init__.py.in:264 msgid "Enable credential validation" msgstr "啟用憑證驗證" -#: src/config/SSSDConfig/__init__.py.in:264 +#: src/config/SSSDConfig/__init__.py.in:265 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:265 +#: src/config/SSSDConfig/__init__.py.in:266 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:266 +#: src/config/SSSDConfig/__init__.py.in:267 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:267 +#: src/config/SSSDConfig/__init__.py.in:268 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:268 +#: src/config/SSSDConfig/__init__.py.in:269 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:269 +#: src/config/SSSDConfig/__init__.py.in:270 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:270 +#: src/config/SSSDConfig/__init__.py.in:271 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:271 +#: src/config/SSSDConfig/__init__.py.in:272 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:272 +#: src/config/SSSDConfig/__init__.py.in:273 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:275 #: src/config/SSSDConfig/__init__.py.in:276 +#: src/config/SSSDConfig/__init__.py.in:277 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:279 +#: src/config/SSSDConfig/__init__.py.in:280 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:280 +#: src/config/SSSDConfig/__init__.py.in:281 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:281 +#: src/config/SSSDConfig/__init__.py.in:282 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:282 +#: src/config/SSSDConfig/__init__.py.in:283 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:283 +#: src/config/SSSDConfig/__init__.py.in:284 +#, fuzzy +msgid "Mode used to change user password" +msgstr "密碼已過期。請立刻變更您的密碼。" + +#: src/config/SSSDConfig/__init__.py.in:285 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:284 +#: src/config/SSSDConfig/__init__.py.in:286 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:285 +#: src/config/SSSDConfig/__init__.py.in:287 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:286 +#: src/config/SSSDConfig/__init__.py.in:288 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:287 +#: src/config/SSSDConfig/__init__.py.in:289 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:288 +#: src/config/SSSDConfig/__init__.py.in:290 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:289 +#: src/config/SSSDConfig/__init__.py.in:291 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:290 +#: src/config/SSSDConfig/__init__.py.in:292 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:291 +#: src/config/SSSDConfig/__init__.py.in:293 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:292 +#: src/config/SSSDConfig/__init__.py.in:294 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:293 +#: src/config/SSSDConfig/__init__.py.in:295 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:294 +#: src/config/SSSDConfig/__init__.py.in:296 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:295 +#: src/config/SSSDConfig/__init__.py.in:297 msgid "Require TLS certificate verification" msgstr "需要 TLS 憑證驗證" -#: src/config/SSSDConfig/__init__.py.in:296 +#: src/config/SSSDConfig/__init__.py.in:298 msgid "Specify the sasl mechanism to use" msgstr "指定要使用的 sasl 機制" -#: src/config/SSSDConfig/__init__.py.in:297 +#: src/config/SSSDConfig/__init__.py.in:299 msgid "Specify the sasl authorization id to use" msgstr "指定要使用的 sasl 認證 id" -#: src/config/SSSDConfig/__init__.py.in:298 +#: src/config/SSSDConfig/__init__.py.in:300 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:299 +#: src/config/SSSDConfig/__init__.py.in:301 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:300 +#: src/config/SSSDConfig/__init__.py.in:302 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:301 +#: src/config/SSSDConfig/__init__.py.in:303 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:302 +#: src/config/SSSDConfig/__init__.py.in:304 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:303 +#: src/config/SSSDConfig/__init__.py.in:305 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:304 +#: src/config/SSSDConfig/__init__.py.in:306 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:305 +#: src/config/SSSDConfig/__init__.py.in:307 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:306 +#: src/config/SSSDConfig/__init__.py.in:308 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:307 +#: src/config/SSSDConfig/__init__.py.in:309 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:308 +#: src/config/SSSDConfig/__init__.py.in:310 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:310 +#: src/config/SSSDConfig/__init__.py.in:312 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:311 +#: src/config/SSSDConfig/__init__.py.in:313 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:313 +#: src/config/SSSDConfig/__init__.py.in:315 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:315 +#: src/config/SSSDConfig/__init__.py.in:317 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:316 +#: src/config/SSSDConfig/__init__.py.in:318 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:319 +#: src/config/SSSDConfig/__init__.py.in:321 msgid "Length of time to wait for a search request" msgstr "搜尋請求的等候時間長度" -#: src/config/SSSDConfig/__init__.py.in:320 +#: src/config/SSSDConfig/__init__.py.in:322 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:321 +#: src/config/SSSDConfig/__init__.py.in:323 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:322 +#: src/config/SSSDConfig/__init__.py.in:324 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:323 +#: src/config/SSSDConfig/__init__.py.in:325 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:324 +#: src/config/SSSDConfig/__init__.py.in:326 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:325 +#: src/config/SSSDConfig/__init__.py.in:327 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:326 +#: src/config/SSSDConfig/__init__.py.in:328 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:327 +#: src/config/SSSDConfig/__init__.py.in:329 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:328 +#: src/config/SSSDConfig/__init__.py.in:330 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:329 +#: src/config/SSSDConfig/__init__.py.in:331 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:331 +#: src/config/SSSDConfig/__init__.py.in:333 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:332 +#: src/config/SSSDConfig/__init__.py.in:334 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:333 +#: src/config/SSSDConfig/__init__.py.in:335 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:334 +#: src/config/SSSDConfig/__init__.py.in:336 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:335 +#: src/config/SSSDConfig/__init__.py.in:337 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:336 +#: src/config/SSSDConfig/__init__.py.in:338 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:337 -#: src/config/SSSDConfig/__init__.py.in:379 +#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:381 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:338 +#: src/config/SSSDConfig/__init__.py.in:340 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:339 +#: src/config/SSSDConfig/__init__.py.in:341 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:340 +#: src/config/SSSDConfig/__init__.py.in:342 msgid "Full Name" msgstr "全名" -#: src/config/SSSDConfig/__init__.py.in:341 +#: src/config/SSSDConfig/__init__.py.in:343 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:342 +#: src/config/SSSDConfig/__init__.py.in:344 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:344 +#: src/config/SSSDConfig/__init__.py.in:346 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:345 +#: src/config/SSSDConfig/__init__.py.in:347 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:346 +#: src/config/SSSDConfig/__init__.py.in:348 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:347 +#: src/config/SSSDConfig/__init__.py.in:349 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:348 +#: src/config/SSSDConfig/__init__.py.in:350 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:349 +#: src/config/SSSDConfig/__init__.py.in:351 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:350 +#: src/config/SSSDConfig/__init__.py.in:352 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:351 +#: src/config/SSSDConfig/__init__.py.in:353 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:352 +#: src/config/SSSDConfig/__init__.py.in:354 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:353 +#: src/config/SSSDConfig/__init__.py.in:355 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:354 +#: src/config/SSSDConfig/__init__.py.in:356 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:355 +#: src/config/SSSDConfig/__init__.py.in:357 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:356 +#: src/config/SSSDConfig/__init__.py.in:358 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:357 +#: src/config/SSSDConfig/__init__.py.in:359 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:358 +#: src/config/SSSDConfig/__init__.py.in:360 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:359 +#: src/config/SSSDConfig/__init__.py.in:361 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:360 +#: src/config/SSSDConfig/__init__.py.in:362 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:361 +#: src/config/SSSDConfig/__init__.py.in:363 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:362 +#: src/config/SSSDConfig/__init__.py.in:364 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:363 +#: src/config/SSSDConfig/__init__.py.in:365 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:364 +#: src/config/SSSDConfig/__init__.py.in:366 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:365 +#: src/config/SSSDConfig/__init__.py.in:367 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:366 +#: src/config/SSSDConfig/__init__.py.in:368 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:368 +#: src/config/SSSDConfig/__init__.py.in:370 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:370 +#: src/config/SSSDConfig/__init__.py.in:372 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:373 +#: src/config/SSSDConfig/__init__.py.in:375 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:374 +#: src/config/SSSDConfig/__init__.py.in:376 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:375 +#: src/config/SSSDConfig/__init__.py.in:377 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:376 +#: src/config/SSSDConfig/__init__.py.in:378 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:377 +#: src/config/SSSDConfig/__init__.py.in:379 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:378 +#: src/config/SSSDConfig/__init__.py.in:380 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:380 +#: src/config/SSSDConfig/__init__.py.in:382 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:381 +#: src/config/SSSDConfig/__init__.py.in:383 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:382 +#: src/config/SSSDConfig/__init__.py.in:384 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:384 +#: src/config/SSSDConfig/__init__.py.in:386 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:386 +#: src/config/SSSDConfig/__init__.py.in:388 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:387 +#: src/config/SSSDConfig/__init__.py.in:389 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:388 +#: src/config/SSSDConfig/__init__.py.in:390 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:389 +#: src/config/SSSDConfig/__init__.py.in:391 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:390 +#: src/config/SSSDConfig/__init__.py.in:392 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:391 +#: src/config/SSSDConfig/__init__.py.in:393 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:393 +#: src/config/SSSDConfig/__init__.py.in:395 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:394 +#: src/config/SSSDConfig/__init__.py.in:396 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:395 +#: src/config/SSSDConfig/__init__.py.in:397 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:396 +#: src/config/SSSDConfig/__init__.py.in:398 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:397 +#: src/config/SSSDConfig/__init__.py.in:399 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:400 +#: src/config/SSSDConfig/__init__.py.in:402 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:401 +#: src/config/SSSDConfig/__init__.py.in:403 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:402 +#: src/config/SSSDConfig/__init__.py.in:404 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:403 +#: src/config/SSSDConfig/__init__.py.in:405 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:404 +#: src/config/SSSDConfig/__init__.py.in:406 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:405 +#: src/config/SSSDConfig/__init__.py.in:407 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:406 +#: src/config/SSSDConfig/__init__.py.in:408 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:408 +#: src/config/SSSDConfig/__init__.py.in:410 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:409 +#: src/config/SSSDConfig/__init__.py.in:411 msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:410 +#: src/config/SSSDConfig/__init__.py.in:412 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:411 +#: src/config/SSSDConfig/__init__.py.in:413 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:412 +#: src/config/SSSDConfig/__init__.py.in:414 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:413 +#: src/config/SSSDConfig/__init__.py.in:415 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:414 +#: src/config/SSSDConfig/__init__.py.in:416 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:417 +#: src/config/SSSDConfig/__init__.py.in:419 msgid "Policy to evaluate the password expiration" msgstr "評估密碼過期時效的策略" -#: src/config/SSSDConfig/__init__.py.in:421 +#: src/config/SSSDConfig/__init__.py.in:423 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:422 +#: src/config/SSSDConfig/__init__.py.in:424 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:425 +#: src/config/SSSDConfig/__init__.py.in:427 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:426 +#: src/config/SSSDConfig/__init__.py.in:428 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:427 +#: src/config/SSSDConfig/__init__.py.in:429 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:428 +#: src/config/SSSDConfig/__init__.py.in:430 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:431 +#: src/config/SSSDConfig/__init__.py.in:433 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:432 +#: src/config/SSSDConfig/__init__.py.in:434 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:433 +#: src/config/SSSDConfig/__init__.py.in:435 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:434 +#: src/config/SSSDConfig/__init__.py.in:436 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:435 +#: src/config/SSSDConfig/__init__.py.in:437 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:436 +#: src/config/SSSDConfig/__init__.py.in:438 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:437 +#: src/config/SSSDConfig/__init__.py.in:439 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:438 +#: src/config/SSSDConfig/__init__.py.in:440 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:439 +#: src/config/SSSDConfig/__init__.py.in:441 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:440 +#: src/config/SSSDConfig/__init__.py.in:442 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:441 +#: src/config/SSSDConfig/__init__.py.in:443 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:442 +#: src/config/SSSDConfig/__init__.py.in:444 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:443 +#: src/config/SSSDConfig/__init__.py.in:445 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:444 +#: src/config/SSSDConfig/__init__.py.in:446 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:445 +#: src/config/SSSDConfig/__init__.py.in:447 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:446 +#: src/config/SSSDConfig/__init__.py.in:448 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:447 +#: src/config/SSSDConfig/__init__.py.in:449 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:448 +#: src/config/SSSDConfig/__init__.py.in:450 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:449 +#: src/config/SSSDConfig/__init__.py.in:451 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:450 +#: src/config/SSSDConfig/__init__.py.in:452 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:453 +#: src/config/SSSDConfig/__init__.py.in:455 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:454 +#: src/config/SSSDConfig/__init__.py.in:456 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:455 +#: src/config/SSSDConfig/__init__.py.in:457 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:456 +#: src/config/SSSDConfig/__init__.py.in:458 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:457 +#: src/config/SSSDConfig/__init__.py.in:459 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:458 +#: src/config/SSSDConfig/__init__.py.in:460 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:461 +#: src/config/SSSDConfig/__init__.py.in:463 msgid "Comma separated list of allowed users" msgstr "許可的使用者清單,請使用半形逗號作為分隔" -#: src/config/SSSDConfig/__init__.py.in:462 +#: src/config/SSSDConfig/__init__.py.in:464 msgid "Comma separated list of prohibited users" msgstr "被禁止的使用者清單,請使用半形逗號作為分隔" -#: src/config/SSSDConfig/__init__.py.in:465 +#: src/config/SSSDConfig/__init__.py.in:467 msgid "Default shell, /bin/bash" msgstr "預設 shell,/bin/bash" -#: src/config/SSSDConfig/__init__.py.in:466 +#: src/config/SSSDConfig/__init__.py.in:468 msgid "Base for home directories" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:469 +#: src/config/SSSDConfig/__init__.py.in:471 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:472 +#: src/config/SSSDConfig/__init__.py.in:474 msgid "The name of the NSS library to use" msgstr "要使用的 NSS 函式庫名稱" -#: src/config/SSSDConfig/__init__.py.in:473 +#: src/config/SSSDConfig/__init__.py.in:475 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/__init__.py.in:476 +#: src/config/SSSDConfig/__init__.py.in:478 msgid "PAM stack to use" msgstr "要使用的 PAM 堆疊" -#: src/config/SSSDConfig/__init__.py.in:479 +#: src/config/SSSDConfig/__init__.py.in:481 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/__init__.py.in:480 +#: src/config/SSSDConfig/__init__.py.in:482 msgid "Path of group file sources." msgstr "" -#: src/monitor/monitor.c:2449 +#: src/monitor/monitor.c:2452 msgid "Become a daemon (default)" msgstr "作為幕後程式 (預設)" -#: src/monitor/monitor.c:2451 +#: src/monitor/monitor.c:2454 msgid "Run interactive (not a daemon)" msgstr "以互動方式執行 (非幕後程式)" -#: src/monitor/monitor.c:2454 +#: src/monitor/monitor.c:2457 msgid "Disable netlink interface" msgstr "" -#: src/monitor/monitor.c:2456 src/tools/sssctl/sssctl_logs.c:311 +#: src/monitor/monitor.c:2459 src/tools/sssctl/sssctl_logs.c:311 msgid "Specify a non-default config file" msgstr "指定非預設的配置檔" -#: src/monitor/monitor.c:2458 +#: src/monitor/monitor.c:2461 msgid "Refresh the configuration database, then exit" msgstr "" -#: src/monitor/monitor.c:2461 +#: src/monitor/monitor.c:2464 msgid "Print version number and exit" msgstr "" -#: src/monitor/monitor.c:2627 +#: src/monitor/monitor.c:2630 msgid "SSSD is already running\n" msgstr "" @@ -1676,7 +1685,7 @@ msgstr "密碼已過期。請立刻變更您的密碼。" #: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44 #: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:668 #: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47 -#: src/tools/sss_cache.c:670 +#: src/tools/sss_cache.c:687 msgid "The debug level to run with" msgstr "" @@ -1689,7 +1698,7 @@ msgstr "" #: src/tools/sss_groupadd.c:59 src/tools/sss_groupdel.c:54 #: src/tools/sss_groupmod.c:66 src/tools/sss_groupshow.c:680 #: src/tools/sss_userdel.c:152 src/tools/sss_usermod.c:79 -#: src/tools/sss_cache.c:716 +#: src/tools/sss_cache.c:733 msgid "Error setting the locale\n" msgstr "設定區域設置時發生錯誤\n" @@ -2123,102 +2132,102 @@ msgstr "無法修改使用者 - 使用者是否已經是群組的成員?\n" msgid "Transaction error. Could not modify user.\n" msgstr "處理事項發生錯誤。無法修改使用者。\n" -#: src/tools/sss_cache.c:218 +#: src/tools/sss_cache.c:228 msgid "No cache object matched the specified search\n" msgstr "" -#: src/tools/sss_cache.c:502 +#: src/tools/sss_cache.c:519 #, c-format msgid "Couldn't invalidate %1$s\n" msgstr "" -#: src/tools/sss_cache.c:509 +#: src/tools/sss_cache.c:526 #, c-format msgid "Couldn't invalidate %1$s %2$s\n" msgstr "" -#: src/tools/sss_cache.c:672 +#: src/tools/sss_cache.c:689 msgid "Invalidate all cached entries" msgstr "" -#: src/tools/sss_cache.c:674 +#: src/tools/sss_cache.c:691 msgid "Invalidate particular user" msgstr "" -#: src/tools/sss_cache.c:676 +#: src/tools/sss_cache.c:693 msgid "Invalidate all users" msgstr "" -#: src/tools/sss_cache.c:678 +#: src/tools/sss_cache.c:695 msgid "Invalidate particular group" msgstr "" -#: src/tools/sss_cache.c:680 +#: src/tools/sss_cache.c:697 msgid "Invalidate all groups" msgstr "" -#: src/tools/sss_cache.c:682 +#: src/tools/sss_cache.c:699 msgid "Invalidate particular netgroup" msgstr "" -#: src/tools/sss_cache.c:684 +#: src/tools/sss_cache.c:701 msgid "Invalidate all netgroups" msgstr "" -#: src/tools/sss_cache.c:686 +#: src/tools/sss_cache.c:703 msgid "Invalidate particular service" msgstr "" -#: src/tools/sss_cache.c:688 +#: src/tools/sss_cache.c:705 msgid "Invalidate all services" msgstr "" -#: src/tools/sss_cache.c:691 +#: src/tools/sss_cache.c:708 msgid "Invalidate particular autofs map" msgstr "" -#: src/tools/sss_cache.c:693 +#: src/tools/sss_cache.c:710 msgid "Invalidate all autofs maps" msgstr "" -#: src/tools/sss_cache.c:697 +#: src/tools/sss_cache.c:714 msgid "Invalidate particular SSH host" msgstr "" -#: src/tools/sss_cache.c:699 +#: src/tools/sss_cache.c:716 msgid "Invalidate all SSH hosts" msgstr "" -#: src/tools/sss_cache.c:703 +#: src/tools/sss_cache.c:720 msgid "Invalidate particular sudo rule" msgstr "" -#: src/tools/sss_cache.c:705 +#: src/tools/sss_cache.c:722 msgid "Invalidate all cached sudo rules" msgstr "" -#: src/tools/sss_cache.c:708 +#: src/tools/sss_cache.c:725 msgid "Only invalidate entries from a particular domain" msgstr "" -#: src/tools/sss_cache.c:762 +#: src/tools/sss_cache.c:779 msgid "" "Unexpected argument(s) provided, options that invalidate a single object " "only accept a single provided argument.\n" msgstr "" -#: src/tools/sss_cache.c:772 +#: src/tools/sss_cache.c:789 msgid "Please select at least one object to invalidate\n" msgstr "" -#: src/tools/sss_cache.c:852 +#: src/tools/sss_cache.c:872 #, c-format msgid "" "Could not open domain %1$s. If the domain is a subdomain (trusted domain), " "use fully qualified name instead of --domain/-d parameter.\n" msgstr "" -#: src/tools/sss_cache.c:856 +#: src/tools/sss_cache.c:877 msgid "Could not open available domains\n" msgstr "" diff --git a/src/man/po/br.po b/src/man/po/br.po index 014fe0c7456..0e8197d2011 100644 --- a/src/man/po/br.po +++ b/src/man/po/br.po @@ -6,9 +6,9 @@ # Fulup , 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-14 11:51+0000\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Breton (http://www.transifex.com/projects/p/sssd/language/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -298,11 +298,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Dre ziouer : true" @@ -321,16 +321,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -355,8 +355,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -371,7 +371,7 @@ msgid "The [sssd] section" msgstr "Ar rann [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "Arventennoù ar rann" @@ -451,7 +451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (neudennad)" @@ -471,12 +471,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -484,39 +484,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -640,9 +640,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -834,7 +834,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -910,8 +910,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -971,8 +971,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1049,7 +1049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1067,7 +1067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "Dre ziouer : 15" @@ -1086,10 +1086,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 120" msgid "Default: 14400 (4 hours)" -msgstr "Dre ziouer : 120" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1102,11 +1100,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1115,41 +1113,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "Dre zoiuer : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1157,23 +1155,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1181,47 +1179,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1229,112 +1227,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1345,96 +1343,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1442,59 +1440,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "Dre zoiuer : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1503,61 +1501,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1565,7 +1563,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1574,17 +1572,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1592,31 +1590,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "Dre ziouer : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1626,74 +1624,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1701,19 +1699,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1721,12 +1719,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1734,82 +1732,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Dre ziouer : 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1820,24 +1899,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1847,22 +1926,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1870,51 +1949,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1923,24 +2002,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1951,7 +2030,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1962,24 +2041,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1987,12 +2066,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2001,24 +2080,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2028,66 +2107,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2095,17 +2174,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2113,7 +2192,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2121,22 +2200,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "RANNOÙ DOMANI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2145,14 +2224,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2161,38 +2240,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2201,24 +2280,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2227,29 +2306,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2263,14 +2342,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2279,39 +2358,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2320,19 +2399,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2343,151 +2422,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2495,24 +2574,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2521,17 +2600,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2540,34 +2619,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2575,7 +2654,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2583,8 +2662,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2593,8 +2672,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2602,19 +2681,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2623,7 +2702,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2631,22 +2710,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2658,7 +2737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2666,19 +2745,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2686,7 +2765,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2694,35 +2773,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2730,19 +2809,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2751,7 +2830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2759,29 +2838,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2789,7 +2868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2797,35 +2876,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2833,32 +2912,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2869,7 +2948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2878,12 +2957,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2891,7 +2970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2899,31 +2978,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2931,7 +3010,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2940,17 +3019,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2958,43 +3037,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3002,7 +3081,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3010,7 +3089,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3018,24 +3097,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3043,12 +3122,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3058,7 +3137,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3067,29 +3146,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3097,7 +3176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3107,59 +3186,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3168,77 +3247,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3246,7 +3325,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3254,17 +3333,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3272,34 +3351,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3307,32 +3386,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3342,34 +3421,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3377,12 +3456,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3390,26 +3469,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3417,7 +3550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3426,7 +3559,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3434,29 +3567,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3464,12 +3597,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3478,12 +3611,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3491,19 +3624,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3520,7 +3653,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3528,17 +3661,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3547,7 +3680,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3557,7 +3690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3577,12 +3710,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3590,73 +3723,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3664,17 +3797,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3683,17 +3816,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3701,17 +3834,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3719,17 +3852,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3740,64 +3873,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3827,7 +3960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3836,7 +3969,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3844,7 +3977,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3993,7 +4126,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4088,123 +4221,164 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "Dre ziouer : 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4212,113 +4386,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4327,17 +4501,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4346,17 +4520,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4365,17 +4539,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4384,17 +4558,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4403,17 +4577,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4422,17 +4596,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4440,155 +4614,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4598,7 +4772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4606,51 +4780,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4659,24 +4833,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4684,7 +4858,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4693,43 +4867,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4737,14 +4911,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4752,17 +4926,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4770,14 +4944,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4785,17 +4959,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4803,14 +4977,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4818,37 +4992,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4858,106 +5032,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4965,34 +5139,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5000,7 +5174,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5010,7 +5184,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5020,17 +5194,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5038,14 +5212,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5053,7 +5227,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5062,12 +5236,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5075,172 +5249,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5248,95 +5422,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5344,7 +5518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5352,12 +5526,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5365,12 +5539,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5381,12 +5555,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5395,12 +5569,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5409,34 +5583,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5444,14 +5618,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5459,17 +5633,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5479,12 +5653,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5492,17 +5666,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5510,13 +5684,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5525,7 +5699,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5533,26 +5707,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5560,7 +5734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5568,7 +5742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5576,41 +5750,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5619,32 +5793,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5652,24 +5826,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5677,17 +5851,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5698,29 +5872,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5733,7 +5907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5745,17 +5919,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5763,49 +5937,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5813,27 +5987,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5845,7 +6019,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5853,7 +6027,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5861,39 +6035,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5903,7 +6077,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5911,26 +6085,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5938,7 +6112,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5946,31 +6120,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5979,56 +6153,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6044,12 +6218,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6058,14 +6232,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6074,24 +6248,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6099,19 +6273,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6120,7 +6294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6128,7 +6302,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6137,7 +6311,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6145,22 +6319,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6170,14 +6344,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6190,12 +6364,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6205,7 +6379,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6215,63 +6389,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6280,74 +6454,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6358,7 +6532,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6366,24 +6540,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6398,12 +6572,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6411,208 +6585,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6620,101 +6794,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6723,111 +6897,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6836,32 +7010,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6870,22 +7044,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6894,14 +7068,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6909,7 +7083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6922,27 +7096,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6958,13 +7132,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7224,31 +7398,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7256,20 +7493,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8366,7 +8612,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8381,7 +8627,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8396,12 +8642,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8422,12 +8668,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8451,17 +8697,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8469,7 +8715,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8496,7 +8742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8509,12 +8755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8533,50 +8779,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8687,26 +8933,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8725,7 +8971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9586,24 +9832,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +msgid "Default: False (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9611,14 +9878,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9626,7 +9893,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9637,79 +9904,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9717,7 +9948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9725,7 +9956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9733,7 +9964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9745,22 +9976,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9768,7 +9999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9776,7 +10007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9784,7 +10015,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9796,22 +10027,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9819,14 +10050,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9834,7 +10065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9845,18 +10076,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9864,14 +10101,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9879,7 +10116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9890,19 +10127,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9910,7 +10147,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9922,39 +10159,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9962,12 +10189,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9980,57 +10207,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10038,17 +10265,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10058,12 +10285,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10074,19 +10301,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10096,12 +10323,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10109,7 +10336,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10124,7 +10351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10133,7 +10360,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10141,7 +10368,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10151,7 +10378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12858,14 +13085,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -12997,10 +13218,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "re_expression (string)" msgid "passwd_files (string)" -msgstr "re_expression (neudennad)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -13012,17 +13231,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: true" msgid "Default: /etc/passwd" -msgstr "Dre ziouer : true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "re_expression (string)" msgid "group_files (string)" -msgstr "re_expression (neudennad)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -13034,10 +13249,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: true" msgid "Default: /etc/group" -msgstr "Dre ziouer : true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -15532,6 +15745,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/ca.po b/src/man/po/ca.po index b7767a2d93c..85b791ff08e 100644 --- a/src/man/po/ca.po +++ b/src/man/po/ca.po @@ -12,9 +12,9 @@ # Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2015-10-18 04:13+0000\n" "Last-Translator: Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>\n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -24,7 +24,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -214,17 +214,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 -#, fuzzy -#| msgid "" -#| "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -#| "(<quote>;</quote>). Inline comments are not supported." msgid "" "A comment line starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>). Inline comments are not supported." msgstr "" -"Una línia de comentari comença amb un signe de coixinet (<quote>#</quote>) o " -"un signe de punt i coma (<quote>;</quote>). Els comentaris en línia no " -"estan admesos." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:47 @@ -339,11 +332,11 @@ msgstr "" "opció." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Per defecte: true" @@ -365,16 +358,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Per defecte: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -399,8 +392,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Per defecte: 10" @@ -415,7 +408,7 @@ msgid "The [sssd] section" msgstr "La secció [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "Paràmetres de la secció" @@ -504,7 +497,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -526,12 +519,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -542,40 +535,40 @@ msgstr "" "compondre un FQN des dels components del nom d'usuari i del nom del domini." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "nom d'usuari" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" "el nom del domini tal com s'especifica al fitxer de configuració de l'SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -733,9 +726,9 @@ msgstr "" "d'aquesta opció juntament amb use_fully_qualified_names establert a False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -927,7 +920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Per defecte: Sense establir" @@ -1013,8 +1006,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "Per defecte: 60" @@ -1074,8 +1067,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Per defecte: 300" @@ -1169,7 +1162,7 @@ msgstr "" "(0 desactiva aquesta característica)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "Per defecte: 50" @@ -1191,7 +1184,7 @@ msgstr "" "altra vegada." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "Per defecte: 15" @@ -1210,10 +1203,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 86400 (24 hours)" msgid "Default: 14400 (4 hours)" -msgstr "Per defecte: 86400 (24 hores)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1226,11 +1217,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1239,17 +1230,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "Per defecte: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1257,12 +1248,12 @@ msgstr "" "aquesta opció a false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "fallback_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1271,7 +1262,7 @@ msgstr "" "si no se n'especifica cap explícitament amb el proveïdor de dades del domini." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1279,7 +1270,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1289,25 +1280,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Per defecte: sense establir (cap substitució per als directoris inicials no " "establerts)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "override_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1318,18 +1309,18 @@ msgstr "" "pot configurar ja sigui en la secció [nss] o per cada domini." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Per defecte: sense establir (SSSD utilitzarà el valor recuperat del LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "allowed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1337,31 +1328,31 @@ msgstr "" "d'avaluació és:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Si el shell està present al <quote>/etc/shells</quote>, s'utilitza." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1369,112 +1360,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "vetoed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "shell_fallback (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "Per defecte: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "memcache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1485,48 +1476,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "Opcions de configuració del PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1535,12 +1526,12 @@ msgstr "" "(Pluggable Authentication Module)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1550,17 +1541,17 @@ msgstr "" "de sessió)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1569,12 +1560,12 @@ msgstr "" "fallits es permet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1584,7 +1575,7 @@ msgstr "" "possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1592,17 +1583,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "Per defecte: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1611,43 +1602,43 @@ msgstr "" "l'autenticació. Com més gran sigui el nombre més missatges es mostren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "L'sssd actualment admet els següents valors:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostris cap missatge" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: Mostra només missatges importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: Mostra missatges informatius" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "Per defecte: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1656,61 +1647,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1722,7 +1713,7 @@ msgstr "" "l'última informació." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1736,17 +1727,17 @@ msgstr "" "excessives al proveïdor d'identitat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1754,31 +1745,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "Per defecte: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1788,74 +1779,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "pam_public_domains (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "Per defecte: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1863,19 +1854,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1883,12 +1874,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1896,82 +1887,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Per defecte: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Per defecte: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "login" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "su" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "su-l" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "gdm-smartcard" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "gdm-password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "kdm" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "sudo" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "sudo-i" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "Opcions de configuració de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1989,24 +2061,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2016,23 +2088,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" "Es poden utilitzar aquestes opcions per configurar el servei de l'autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2040,89 +2112,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "Es poden utilitzar aquestes opcions per configurar el servei de l'SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "Per defecte: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 -#, fuzzy -#| msgid "ldap_user_certificate (string)" +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" -msgstr "ldap_user_certificate (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " "entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details." msgstr "" -"El directori esquemàtic que conté els fitxers i els directoris per copiar al " -"directori inicial, quan el directori inicial de l'usuari es crea amb " -"<citerefentry><refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "Opcions de configuració del contestador del PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2133,7 +2193,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2144,25 +2204,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" "Es poden utilitzar aquestes opcions per configurar el contestador del PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2170,12 +2230,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2184,24 +2244,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2211,66 +2271,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2278,17 +2338,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2296,7 +2356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2304,22 +2364,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "SECCIONS DE DOMINI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2328,14 +2388,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2344,31 +2404,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2377,7 +2437,7 @@ msgstr "" "fora d'aquests límits, s'ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2390,24 +2450,24 @@ msgstr "" "com s'esperava." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "enumerate (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2416,29 +2476,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Els usuaris i grups s'enumeren" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Cap enumeració per a aquest domini" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "Per defecte: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2452,7 +2512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2462,7 +2522,7 @@ msgstr "" "finalitzi." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2476,39 +2536,39 @@ msgstr "" "ús." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2517,12 +2577,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2531,7 +2591,7 @@ msgstr "" "demanar al rerefons una altra vegada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2542,153 +2602,153 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "Per defecte: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "Per defecte: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Per defecte: 0 (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "cache_credentials (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si les credencials d'usuari també són emmagatzemades en la memòria " "cau local de LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2696,24 +2756,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "Per defecte: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2726,17 +2786,17 @@ msgstr "" "ha de ser superior o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2745,50 +2805,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Per defecte: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " -#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on how to mirror local users and groups into SSSD." msgstr "" -"<quote>ldap</quote> per autenticació nativa LDAP. Vegeu " -"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2796,8 +2848,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2806,8 +2858,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2815,19 +2867,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2840,7 +2892,7 @@ msgstr "" "l'usuari mentre que <command>getent passwd test@LOCAL</command> sí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2848,22 +2900,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2875,7 +2927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2883,12 +2935,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2897,7 +2949,7 @@ msgstr "" "d'autenticació suportats són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2908,7 +2960,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2919,7 +2971,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -2927,17 +2979,17 @@ msgstr "" "de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> impossibilita l'autenticació explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2946,12 +2998,12 @@ msgstr "" "gestionar les sol·licituds d'autenticació." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2962,19 +3014,19 @@ msgstr "" "instal·lats) Els proveïdors especials interns són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> sempre denega l'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2987,7 +3039,7 @@ msgstr "" "configuració del mòdul d'accés simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2995,22 +3047,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "Per defecte: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3019,7 +3071,7 @@ msgstr "" "al domini. Els proveïdors de canvi de contrasenya compatibles són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3027,7 +3079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3038,7 +3090,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3046,12 +3098,12 @@ msgstr "" "objectiu PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3060,17 +3112,17 @@ msgstr "" "gestionar peticions de canvi de contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3078,32 +3130,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3114,7 +3166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3123,12 +3175,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3136,7 +3188,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3144,31 +3196,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3176,7 +3228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3185,17 +3237,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3203,43 +3255,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3247,7 +3299,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3255,7 +3307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3263,24 +3315,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3288,12 +3340,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3303,7 +3355,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3312,29 +3364,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3345,7 +3397,7 @@ msgstr "" "quote> , el domini és tot el que hi ha després\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3355,17 +3407,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Per defecte: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3374,42 +3426,42 @@ msgstr "" "realitzar cerques de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "Valors admesos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "Per defecte: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3418,25 +3470,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Per defecte: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3445,52 +3497,52 @@ msgstr "" "del domini de la consulta DNS del servei de descobriment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "Per defecte: Utilitza la part del domini del nom de màquina" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "override_gid (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3498,7 +3550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3506,17 +3558,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3524,34 +3576,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3561,32 +3613,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3596,34 +3648,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Per defecte: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "realmd_tags (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3631,12 +3683,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3644,26 +3696,88 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"Opcions vàlides per als dominis del servidor intermediari. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3671,7 +3785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3680,7 +3794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3691,17 +3805,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "El servidor intermediari on reenvia PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3710,12 +3824,12 @@ msgstr "" "de pam existent o crear-ne una de nova i afegir aquí el nom del servei." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3726,12 +3840,12 @@ msgstr "" "format _nss_$(libName)_$(function), per exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3740,12 +3854,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3753,7 +3867,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3762,12 +3876,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3784,7 +3898,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3792,17 +3906,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3811,7 +3925,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3821,7 +3935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3841,12 +3955,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "La secció del domini local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3857,29 +3971,29 @@ msgstr "" "<replaceable>id_provider = local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminat per als usuaris que es creen amb eines de l'espai " "d'usuari de l'SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "Per defecte: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -3888,46 +4002,46 @@ msgstr "" "replaceable> i utilitzen aquest com el directori inicial." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "Per defecte: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "create_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "Per defecte: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "remove_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "homedir_umask (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3938,17 +4052,17 @@ msgstr "" "defecte en un directori inicial acabat de crear." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "Per defecte: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3961,17 +4075,17 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "Per defecte: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3982,17 +4096,17 @@ msgstr "" "suprimit. Si no s'especifica, s'utilitzarà un valor per defecte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "Per defecte: <filename>/var/correu</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4003,17 +4117,17 @@ msgstr "" "té en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "Per defecte: Cap, no s'executa cap comanda" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4024,64 +4138,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -4135,7 +4249,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4144,7 +4258,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4152,7 +4266,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4317,7 +4431,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemples:" @@ -4414,52 +4528,97 @@ msgstr "Per defecte: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "The two mechanisms currently supported are:" +msgid "Two modes are currently supported:" +msgstr "Els dos mecanismes suportats actualment són:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Per defecte: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "El vincle DN per defecte per utilitzar en realitzar les operacions d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "El tipus de testimoni d'autenticació del vincle DN per defecte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Els dos mecanismes suportats actualment són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "contrasenya" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Per defecte: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -4468,74 +4627,74 @@ msgstr "" "text contrasenyes estan suportats actualment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "La classe d'objecte d'una entrada d'usuari a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Per defecte: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "L'atribut LDAP que correspon al nom de compte de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" "L'atribut LDAP que correspon al númerdo de l'identificador de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Per defecte: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" "L'atribut LDAP que correspon a l'identificador del grup primari de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Per defecte: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4543,96 +4702,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "L'atribut LDAP que correspon al camp gecos de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Per defecte: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "L'atribut LDAP que conté el nom del directori inicial de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Per defecte: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "L'atribut LDAP que conté el camí al shell per defecte de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Per defecte: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -4641,17 +4800,17 @@ msgstr "" "pare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "Per defecte: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4664,17 +4823,17 @@ msgstr "" "manvolnum></citerefentry> (data de l'últim canvi de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Per defecte: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4687,17 +4846,17 @@ msgstr "" "manvolnum></citerefentry> (edat mínima de la contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Per defecte: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4710,17 +4869,17 @@ msgstr "" "manvolnum></citerefentry> (edat màxima de la contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Per defecte: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4733,17 +4892,17 @@ msgstr "" "manvolnum></citerefentry> (període d'advertència de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Per defecte: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4756,17 +4915,17 @@ msgstr "" "manvolnum></citerefentry> (període d'inactivitat de contrasenya)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Per defecte: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4779,17 +4938,17 @@ msgstr "" "manvolnum></citerefentry> (data de caducitat del compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Per defecte: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4800,17 +4959,17 @@ msgstr "" "contrasenya en kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Per defecte: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -4820,114 +4979,114 @@ msgstr "" "contrasenya actual." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Per defecte: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Per defecte: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Per defecte: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Per defecte: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Per defecte: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -4936,24 +5095,24 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Per defecte: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4963,7 +5122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4971,51 +5130,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "Per defecte: sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5028,24 +5187,24 @@ msgstr "" "voleu utilitzar un àmbit en majúscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5056,7 +5215,7 @@ msgstr "" "los per estalviar espai." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5065,43 +5224,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'atribut LDAP que correspon al nom complet de l'usuari." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Per defecte: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "L'atribut LDAP que llista la pertanença a grups de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "Per defecte: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5112,7 +5271,7 @@ msgstr "" "l'usuari per determinar els privilegis d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5121,7 +5280,7 @@ msgstr "" "l'SSSD cerca autoritzacions explícites (svc) i, finalment, allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5129,17 +5288,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Per defecte: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5147,14 +5306,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5162,17 +5321,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5180,14 +5339,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5195,37 +5354,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5235,106 +5394,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objecte d'una entrada de grup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Per defecte: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'atribut LDAP que es correspon amb el nom del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'atribut LDAP que correspon a l'identificador del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'atribut LDAP que conté els noms dels membres del grup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Per defecte: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5342,34 +5501,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5381,7 +5540,7 @@ msgstr "" "RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5391,7 +5550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5401,17 +5560,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Per defecte: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5419,14 +5578,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5434,7 +5593,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5443,12 +5602,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5456,173 +5615,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objecte d'una entrada de netgroup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "Per defecte: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'atribut LDAP que es correspon amb el nom del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'atribut LDAP que conté els noms dels membres del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "Per defecte: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "L'atribut LDAP que conté les tripletes netgroup (maquina, usuari, domini)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "Per defecte: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "Per defecte: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5630,95 +5789,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "ldap_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "ldap_service_port (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "Per defecte: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "Per defecte: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5726,7 +5885,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5734,12 +5893,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5747,12 +5906,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5769,12 +5928,12 @@ msgstr "" "manvolnum></citerefentry> retorna en cas de cap activitat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5783,12 +5942,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5797,34 +5956,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "Per defecte: 900 (15 minuts)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "Per defecte: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5832,14 +5991,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5847,17 +6006,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5867,12 +6026,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5880,17 +6039,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5898,13 +6057,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5913,7 +6072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5921,12 +6080,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -5936,7 +6095,7 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5945,7 +6104,7 @@ msgstr "" "certificat del servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5957,7 +6116,7 @@ msgstr "" "normalment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5968,7 +6127,7 @@ msgstr "" "proporciona un certificat dolent, immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5979,22 +6138,22 @@ msgstr "" "immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "Per defecte: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6003,7 +6162,7 @@ msgstr "" "Certificació que reconeixerà l'<command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6012,12 +6171,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6031,32 +6190,32 @@ msgstr "" "correctes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6064,12 +6223,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6078,12 +6237,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> per a protegir el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6091,17 +6250,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6112,17 +6271,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6131,12 +6290,12 @@ msgstr "" "i suportat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -6149,7 +6308,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6161,17 +6320,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6179,51 +6338,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "Per defecte: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "Per defecte: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica el fitxer keytab a utilitzar quan s'utilitza SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6234,27 +6393,27 @@ msgstr "" "seleccionat és GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el temps de vida en segons de la TGT si s'utilitza GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "Per defecte: 86400 (24 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6266,7 +6425,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6277,7 +6436,7 @@ msgstr "" "retorna a _tcp si no se'n troba cap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6289,41 +6448,41 @@ msgstr "" "<quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica l'àmbit KERBEROS (per a l'autenticació SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/" "krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6333,7 +6492,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6341,12 +6500,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6355,7 +6514,7 @@ msgstr "" "costat del client. S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6364,7 +6523,7 @@ msgstr "" "opció no inhabilita les polítiques de contrasenya de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6372,7 +6531,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6384,25 +6543,25 @@ msgstr "" "contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6411,7 +6570,7 @@ msgstr "" "quan es compila amb la versió 2.4.13 o superiors d'OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6420,29 +6579,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nom de servei per utilitzar quan està habilitada la detecció " "de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "Per defecte: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6452,30 +6611,30 @@ msgstr "" "dels serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6491,12 +6650,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6505,14 +6664,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6521,17 +6680,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "Per defecte: Buit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6540,7 +6699,7 @@ msgstr "" "d'atributs de control d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6552,12 +6711,12 @@ msgstr "" "contrasenya és correcta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6566,7 +6725,7 @@ msgstr "" "determinar si el compte ha caducat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6575,7 +6734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6583,7 +6742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6592,7 +6751,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6600,24 +6759,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Llista separada per comes d'opcions de control d'accés. Els valors permesos " "són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6627,14 +6786,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6647,12 +6806,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6662,7 +6821,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6672,20 +6831,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6694,31 +6853,31 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "Per defecte: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -6727,12 +6886,12 @@ msgstr "" "s'utilitza més d'una vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6741,22 +6900,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple: cn=ppolicy,ou=policies,dc=exemple,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Per defecte: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6765,13 +6924,13 @@ msgstr "" "es fa una cerca. S'admeten les opcions següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: les referències dels àlies mai són eliminades." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6781,7 +6940,7 @@ msgstr "" "de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6790,7 +6949,7 @@ msgstr "" "només en localitzar l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6799,7 +6958,7 @@ msgstr "" "en la recerca i en la localització de l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6808,19 +6967,19 @@ msgstr "" "biblioteques de client LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6831,7 +6990,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6839,24 +6998,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6877,12 +7036,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "OPCIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6890,208 +7049,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "Per defecte: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "Per defecte: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "Per defecte: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "Per defecte: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "Per defecte: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "Per defecte: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "Per defecte: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "Per defecte: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "Per defecte: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "Per defecte: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "Per defecte: 21600 (6 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7099,101 +7258,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7202,111 +7361,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "OPCIONS D'AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "Per defecte: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7315,32 +7474,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "OPCIONS AVANÇADES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7349,22 +7508,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7373,14 +7532,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7391,7 +7550,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7404,27 +7563,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7440,13 +7599,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7756,31 +7915,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7792,20 +8014,29 @@ msgstr "" "del Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8962,7 +9193,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booleà)" @@ -8977,7 +9208,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8992,12 +9223,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9018,12 +9249,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9047,17 +9278,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9065,7 +9296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -9092,7 +9323,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (enter)" @@ -9105,12 +9336,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9129,50 +9360,50 @@ msgid "Default: False (disabled)" msgstr "Per defecte: False (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -9283,26 +9514,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9321,7 +9552,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "Per defecte: 5 (segons)" @@ -9632,40 +9863,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:734 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Aquestes opcions de configuració poden ser presents a una secció de " -"configuració de domini anomenada <quote>[domain/<replaceable>NAME</" -"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:743 -#, fuzzy -#| msgid "" -#| "NOTE: Must be used in conjunction with the <quote>pam_trusted_users</" -#| "quote> and <quote>pam_public_domains</quote> options. Please see the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more information on these two " -#| "PAM responder options." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"NOTA: Ha d'utilitzar-se juntament amb les opcions <quote>pam_trusted_users</" -"quote> i <quote>pam_public_domains</quote>. Si us plau, vegeu la pàgina del " -"manual de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> per a més informació sobre aquestes " -"dues opcions del contestador del PAM." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:753 @@ -9692,38 +9903,28 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:767 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:770 sssd-ipa.5.xml:797 -#, fuzzy -#| msgid "ad_site (string)" msgid "ad_site" -msgstr "ad_site (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:773 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:776 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:788 @@ -10222,11 +10423,34 @@ msgstr "Per defecte: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 +msgid "ad_gpo_implicit_deny (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:424 +msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: 5 (seconds)" +msgid "Default: False (seconds)" +msgstr "Per defecte: 5 (segons)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:424 +#: sssd-ad.5.xml:445 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10234,12 +10458,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10247,14 +10471,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10264,7 +10488,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10275,79 +10499,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "login" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "su" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "su-l" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "gdm-password" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "gdm-smartcard" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "kdm" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10355,7 +10543,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10363,7 +10551,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10373,7 +10561,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10385,22 +10573,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10408,7 +10596,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10416,7 +10604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10426,7 +10614,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10438,22 +10626,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10461,14 +10649,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10478,7 +10666,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10489,18 +10677,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10508,14 +10702,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10525,7 +10719,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10536,19 +10730,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10558,7 +10752,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10570,39 +10764,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "sudo" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "sudo-i" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10612,12 +10796,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10630,57 +10814,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10688,17 +10872,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10708,12 +10892,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10724,19 +10908,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "Per defecte: 3600 (segons)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10746,12 +10930,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Per defecte: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10759,7 +10943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10783,7 +10967,7 @@ msgstr "" "ad_domain = exemple.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10795,7 +10979,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10803,7 +10987,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10813,7 +10997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -13701,10 +13885,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:93 -#, fuzzy -#| msgid "client_idle_timeout" msgid "p11_child_timeout" -msgstr "client_idle_timeout" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:94 @@ -13713,19 +13895,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:96 -#, fuzzy -#| msgid "" -#| "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " -#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring Kerberos." msgid "" "can be used to control how the certificates are validated (see " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for details)." msgstr "" -"<quote>krb5</quote> per canviar la contrasenya Kerberos. Vegeu " -"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:101 @@ -13844,18 +14018,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-U</option>,<option>--users</option>" -msgid "<option>-k</option>,<option>--pubkeys</option>" -msgstr "<option>-U</option>,<option>--users</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "Set the UID of the user to <replaceable>UID</replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." -msgstr "Estableix l'UID de l'usuari a <replaceable>UID</replaceable>." +msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -13981,10 +14151,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "ad_site (string)" msgid "passwd_files (string)" -msgstr "ad_site (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -13996,17 +14164,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: password" msgid "Default: /etc/passwd" -msgstr "Per defecte: password" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "ldap_netgroup_triple (string)" msgid "group_files (string)" -msgstr "ldap_netgroup_triple (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -14018,10 +14182,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: nisNetgroup" msgid "Default: /etc/group" -msgstr "Per defecte: nisNetgroup" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -16583,6 +16745,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" @@ -16685,10 +16867,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "ATENCIÓ SI US PLAU: una versió més antiga de libpcre només suporta la " -#~ "sintaxi Python (?P <name>) a l'etiqueta subpatterns." diff --git a/src/man/po/cs.po b/src/man/po/cs.po index 1029b83732d..07b54985be2 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -7,9 +7,9 @@ # Zdenek <chmelarz@gmail.com>, 2017. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2017-09-11 08:53+0000\n" "Last-Translator: Zdenek <chmelarz@gmail.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/sssd/language/" @@ -19,7 +19,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -295,11 +295,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -318,16 +318,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -352,8 +352,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -368,7 +368,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -448,7 +448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -468,12 +468,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -481,39 +481,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -637,9 +637,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -831,7 +831,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -907,8 +907,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -968,8 +968,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1046,7 +1046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1064,7 +1064,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "" @@ -1097,11 +1097,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1110,41 +1110,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1152,23 +1152,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1176,47 +1176,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1224,112 +1224,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1340,96 +1340,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1437,59 +1437,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1498,61 +1498,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1560,7 +1560,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1569,17 +1569,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1587,31 +1587,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1621,74 +1621,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1696,19 +1696,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1716,12 +1716,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1729,80 +1729,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1813,24 +1896,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1840,22 +1923,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1863,51 +1946,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1916,24 +1999,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1944,7 +2027,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1955,24 +2038,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1980,12 +2063,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1994,24 +2077,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2021,66 +2104,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2088,17 +2171,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2106,7 +2189,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2114,22 +2197,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2138,14 +2221,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2154,38 +2237,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2194,24 +2277,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2220,29 +2303,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2256,14 +2339,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2272,39 +2355,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2313,19 +2396,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2336,151 +2419,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2488,24 +2571,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2514,17 +2597,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2533,34 +2616,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2568,7 +2651,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2576,8 +2659,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2586,8 +2669,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2595,19 +2678,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2616,7 +2699,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2624,22 +2707,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2651,7 +2734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2659,19 +2742,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2679,7 +2762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2687,35 +2770,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2723,19 +2806,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2744,7 +2827,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2752,29 +2835,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2782,7 +2865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2790,35 +2873,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2826,32 +2909,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2862,7 +2945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2871,12 +2954,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2884,7 +2967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2892,31 +2975,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2924,7 +3007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2933,17 +3016,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2951,43 +3034,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2995,7 +3078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3003,7 +3086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3011,24 +3094,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3036,12 +3119,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3051,7 +3134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3061,29 +3144,29 @@ msgstr "" # auto translated by TM merge from project: Fedora Websites, version: fedorahosted.org, DocId: po/fedorahosted #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3091,7 +3174,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3101,59 +3184,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3162,77 +3245,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3240,7 +3323,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3248,17 +3331,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3266,34 +3349,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3301,32 +3384,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3336,34 +3419,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3371,12 +3454,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3384,26 +3467,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3411,7 +3548,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3420,7 +3557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3428,29 +3565,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3458,12 +3595,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3472,12 +3609,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3485,19 +3622,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3514,7 +3651,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3522,17 +3659,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3541,7 +3678,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3551,7 +3688,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3571,12 +3708,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3584,73 +3721,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3658,17 +3795,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3677,17 +3814,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3695,17 +3832,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3713,17 +3850,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3734,64 +3871,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3821,7 +3958,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3830,7 +3967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3838,7 +3975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3987,7 +4124,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4082,124 +4219,163 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +msgid "Default: exop" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: po/ipa #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "heslo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4207,113 +4383,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4322,17 +4498,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4341,17 +4517,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4360,17 +4536,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4379,17 +4555,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4398,17 +4574,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4417,17 +4593,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4435,155 +4611,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4593,7 +4769,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4601,51 +4777,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4654,24 +4830,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4679,7 +4855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4688,43 +4864,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4732,14 +4908,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4747,17 +4923,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4765,14 +4941,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4780,17 +4956,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4798,14 +4974,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4813,37 +4989,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4853,106 +5029,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4960,34 +5136,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4995,7 +5171,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5005,7 +5181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5015,17 +5191,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5033,14 +5209,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5048,7 +5224,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5057,12 +5233,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5070,172 +5246,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5243,95 +5419,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5339,7 +5515,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5347,12 +5523,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5360,12 +5536,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5376,12 +5552,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5390,12 +5566,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5404,34 +5580,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5439,14 +5615,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5454,17 +5630,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5474,12 +5650,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5487,17 +5663,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5505,13 +5681,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5520,7 +5696,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5528,26 +5704,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5555,7 +5731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5563,7 +5739,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5571,41 +5747,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5614,32 +5790,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5647,24 +5823,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5672,17 +5848,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5693,29 +5869,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5728,7 +5904,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5740,17 +5916,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5758,49 +5934,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5808,27 +5984,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5840,7 +6016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5848,7 +6024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5856,39 +6032,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5898,7 +6074,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5906,26 +6082,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5933,7 +6109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5941,31 +6117,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5974,56 +6150,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6039,12 +6215,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6053,14 +6229,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6069,24 +6245,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6094,19 +6270,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6115,7 +6291,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6123,7 +6299,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6132,7 +6308,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6140,22 +6316,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6165,14 +6341,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6185,12 +6361,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6200,7 +6376,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6210,63 +6386,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6275,74 +6451,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6353,7 +6529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6361,24 +6537,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6393,12 +6569,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6406,208 +6582,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6615,101 +6791,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6718,111 +6894,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6831,32 +7007,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6865,22 +7041,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6889,14 +7065,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6904,7 +7080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6917,27 +7093,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6953,13 +7129,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7219,31 +7395,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7251,20 +7490,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8361,7 +8609,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8376,7 +8624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8391,12 +8639,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8417,12 +8665,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8446,17 +8694,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8464,7 +8712,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8491,7 +8739,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8504,12 +8752,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8528,50 +8776,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8682,26 +8930,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8720,7 +8968,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9581,24 +9829,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +msgid "Default: False (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9606,14 +9875,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9621,7 +9890,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9632,79 +9901,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9712,7 +9945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9720,7 +9953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9728,7 +9961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9740,22 +9973,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9763,7 +9996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9771,7 +10004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9779,7 +10012,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9791,22 +10024,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9814,14 +10047,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9829,7 +10062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9840,18 +10073,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9859,14 +10098,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9874,7 +10113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9885,19 +10124,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9905,7 +10144,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9917,39 +10156,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9957,12 +10186,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9975,57 +10204,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10033,17 +10262,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10053,12 +10282,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10069,19 +10298,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10091,12 +10320,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10104,7 +10333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10119,7 +10348,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10128,7 +10357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10136,7 +10365,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10146,7 +10375,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12858,10 +13087,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-h</option>,<option>--help</option>" -msgid "<option>-k</option>,<option>--pubkeys</option>" -msgstr "<option>-h</option>,<option>--help</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -15520,6 +15747,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/de.po b/src/man/po/de.po index 03ae0538ee0..a4219370a35 100644 --- a/src/man/po/de.po +++ b/src/man/po/de.po @@ -8,9 +8,9 @@ # Mario Blättermann <mario.blaettermann@gmail.com>, 2014 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-14 11:53+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: German (http://www.transifex.com/projects/p/sssd/language/" @@ -20,7 +20,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -208,16 +208,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 -#, fuzzy -#| msgid "" -#| "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -#| "(<quote>;</quote>). Inline comments are not supported." msgid "" "A comment line starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>). Inline comments are not supported." msgstr "" -"Eine Kommentarzeile beginnt mit einem Rautenzeichen (»#«) oder einem " -"Strichpunkt (»;«). Kommentare innerhalb von Zeilen werden nicht unterstützt." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:47 @@ -328,11 +322,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Voreinstellung: »true«" @@ -351,16 +345,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Voreinstellung: »false«" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -385,8 +379,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Voreinstellung: 10" @@ -401,7 +395,7 @@ msgid "The [sssd] section" msgstr "Der Abschnitt [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "Abschnittsparameter" @@ -490,7 +484,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (Zeichenkette)" @@ -513,12 +507,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -530,32 +524,32 @@ msgstr "" "zusammengestellt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "Domain-Name, wie er durch die SSSD-Konfigurationsdatei angegeben wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -564,7 +558,7 @@ msgstr "" "direkt konfiguriert als auch über IPA-Trust" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -718,9 +712,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -912,7 +906,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Voreinstellung: Nicht gesetzt" @@ -1004,8 +998,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "Voreinstellung: 60" @@ -1065,8 +1059,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Voreinstellung: 300" @@ -1162,7 +1156,7 @@ msgstr "" "Sekunden senken. (0 schaltet diese Funktionalität aus.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "Voreinstellung: 50" @@ -1184,7 +1178,7 @@ msgstr "" "Backend erneut gefragt wird)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "Voreinstellung: 15" @@ -1203,10 +1197,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 86400 (24 hours)" msgid "Default: 14400 (4 hours)" -msgstr "Voreinstellung: 86400 (24 Stunden)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1219,11 +1211,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1232,17 +1224,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "Voreinstellung: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1250,12 +1242,12 @@ msgstr "" "setzen Sie diese Option auf »false«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "fallback_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1264,7 +1256,7 @@ msgstr "" "es nicht explizit durch den Datenanbieter der Domain angegeben wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1272,7 +1264,7 @@ msgstr "" "»override_homedir«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1282,25 +1274,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Beispiel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Voreinstellung: nicht gesetzt (kein Ersetzen nicht gesetzter Home-" "Verzeichnisse)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "override_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1311,19 +1303,19 @@ msgstr "" "entweder im Abschnitt [nss] oder für jede Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Voreinstellung: nicht gesetzt (SSSD wird den von LDAP erhaltenen Wert " "benutzen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "allowed_shells (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1331,12 +1323,12 @@ msgstr "" "Reihenfolge der Auswertung ist:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Falls die Shell in »/etc/shells« vorhanden ist, wird sie benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1345,7 +1337,7 @@ msgstr "" "shells« steht, wird der Wert des Parameters »shell_fallback« verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1354,12 +1346,12 @@ msgstr "" "steht, wird eine Nicht-Login-Shell benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1367,13 +1359,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Eine leere Zeichenkette als Shell wird, so wie sie ist, an Libc übergeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1382,28 +1374,28 @@ msgstr "" "Fall einer neu installierten Shell ein Neustart von SSSD nötig ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Voreinstellung: nicht gesetzt. Die Benutzer-Shell wird automatisch verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "vetoed_shells (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "ersetzt jedwede Instanz dieser Shells durch die aus »shell_fallback«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "shell_fallback (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1411,17 +1403,17 @@ msgstr "" "auf dem Rechner installiert ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "Voreinstellung: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1431,7 +1423,7 @@ msgstr "" "jede Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1441,12 +1433,12 @@ msgstr "" "Vernünftiges, üblicherweise /bin/sh, ersetzt.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1455,38 +1447,38 @@ msgstr "" "gültig erachtet wird." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "memcache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1497,48 +1489,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Diese Option kann auch pro Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "PAM-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1547,12 +1539,12 @@ msgstr "" "Authentication Module« (PAM) einzurichten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1562,17 +1554,17 @@ msgstr "" "erfolgreichen Anmeldung)?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1581,12 +1573,12 @@ msgstr "" "Authentifizierungsanbieter offline ist?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1596,7 +1588,7 @@ msgstr "" "Anmeldeversuch möglich ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1608,17 +1600,17 @@ msgstr "" "Authentifizierung reaktivieren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "Voreinstellung: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1627,43 +1619,43 @@ msgstr "" "angezeigt werden. Je höher die Zahl, desto mehr Nachrichten werden angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "Derzeit unterstützt SSSD folgende Werte:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: keine Nachricht anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: nur wichtige Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: nur informative Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: alle Nachrichten und Debug-Informationen anzeigen" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "Voreinstellung: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1672,61 +1664,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1738,7 +1730,7 @@ msgstr "" "den neusten Informationen erfolgt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1752,17 +1744,17 @@ msgstr "" "viele Abfragen der Identitätsanbieter zu vermeiden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "zeigt N Tage vor Ablauf des Passworts eine Warnung an." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1773,7 +1765,7 @@ msgstr "" "SSSD keine Warnung anzeigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1783,7 +1775,7 @@ msgstr "" "automatisch angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1792,17 +1784,17 @@ msgstr "" "emphasis> für eine bestimmte Domain außer Kraft gesetzt werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "Voreinstellung: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1812,74 +1804,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "Voreinstellung: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1887,19 +1879,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1907,12 +1899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1920,82 +1912,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Voreinstellung: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Voreinstellung: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "Sudo-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2013,12 +2086,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "sudo_timed (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2028,12 +2101,12 @@ msgstr "" "nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2043,23 +2116,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "AUTOFS-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" "Diese Optionen können zum Konfigurieren des Dienstes »autofs« benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2070,23 +2143,23 @@ msgstr "" "nicht existierende), bevor das Backend erneut befragt wird." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "SSH-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" "Diese Optionen können zum Konfigurieren des SSH-Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2095,12 +2168,12 @@ msgstr "" "»known_hosts« zusammengemischt werden oder nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2109,53 +2182,43 @@ msgstr "" "»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "Voreinstellung: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " "entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details." msgstr "" -"die Verzeichnisvorlage, die Dateien und Verzeichnisse enthält, die in das " -"Home-Verzeichnis des Benutzers kopiert werden, wenn das Home-Verzeichnis " -"durch <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> erstellt wird" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "PAC-Responder-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2166,7 +2229,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2177,7 +2240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2186,18 +2249,18 @@ msgstr "" "diesen Gruppen hinzugefügt." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" "Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2208,14 +2271,14 @@ msgstr "" "beim Starten zu UIDs aufgelöst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-" "Responder gestattet.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2228,24 +2291,24 @@ msgstr "" "der Liste der erlaubten UIDs auch die 0 hinzufügen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2255,66 +2318,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2322,17 +2385,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2340,7 +2403,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2348,22 +2411,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "DOMAIN-ABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2372,14 +2435,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2388,31 +2451,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2421,7 +2484,7 @@ msgstr "" "enthält, der jenseits dieser Beschränkungen liegt, wird er ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2434,7 +2497,7 @@ msgstr "" "werden jene, die im Bereich liegen, wie erwartet gemeldet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2443,17 +2506,17 @@ msgstr "" "den Zwischenspeicher und nicht nur ihre Rückgabe über Name oder ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Voreinstellung: 1 für »min_id«, 0 (keine Beschränkung) für »max_id«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "enumerate (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2462,29 +2525,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Benutzer und Gruppen werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = keine Aufzählungen für diese Domain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "Voreinstellung: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2498,7 +2561,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2508,7 +2571,7 @@ msgstr "" "Ergebnisse zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2523,7 +2586,7 @@ msgstr "" "benutzten »id_provider«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2532,32 +2595,32 @@ msgstr "" "insbesondere in großen Umgebungen, nicht empfohlen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "Alle entdeckten vertrauenswürdigen Domains werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "Keine der entdeckten vertrauenswürdigen Domains wird aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2571,12 +2634,12 @@ msgstr "" "Domains aktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2585,7 +2648,7 @@ msgstr "" "soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2603,17 +2666,17 @@ msgstr "" "wurden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "Voreinstellung: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2622,19 +2685,19 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "Voreinstellung: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2643,12 +2706,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2657,12 +2720,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2671,12 +2734,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2685,12 +2748,12 @@ msgstr "" "bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2700,24 +2763,24 @@ msgstr "" "wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -2727,49 +2790,49 @@ msgstr "" "abgelaufenen oder beinahe abgelaufenen Daten aktualisiert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Sie können in Betracht ziehen, diesen Wert auf 3/4 * entry_cache_timeout zu " "setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Voreinstellung: 0 (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "cache_credentials (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "bestimmt, ob auch Benutzerberechtigungen im lokalen LDB-Zwischenspeicher " "zwischengespeichert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Benutzerberechtigungen werden in einem SHA512-Hash, nicht im Klartext " "gespeichert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2777,24 +2840,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2807,17 +2870,17 @@ msgstr "" "Parameters muss größer oder gleich »offline_credentials_expiration« sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2830,17 +2893,17 @@ msgstr "" "Authentifizierungsanbieter konfiguriert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Voreinstellung: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "id_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2848,38 +2911,26 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 -#, fuzzy -#| msgid "<quote>proxy</quote>: Support a legacy NSS provider" +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." -msgstr "»proxy«: unterstützt einen veralteten NSS-Anbieter." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 -#, fuzzy -#| msgid "<quote>local</quote>: SSSD internal provider for local users" +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." -msgstr "»local«: SSSDs interner Anbieter für lokale Benutzer" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> " -#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on how to mirror local users and groups into SSSD." msgstr "" -"»ldap«: LDAP-Anbieter: Weitere Informationen über die Konfiguration von LDAP " -"finden Sie unter <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2890,8 +2941,8 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2904,8 +2955,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2917,12 +2968,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2932,7 +2983,7 @@ msgstr "" "Benutzers, der an NSS gemeldet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2946,7 +2997,7 @@ msgstr "" "test@LOCAL</command> würde ihn hingegen finden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2958,22 +3009,22 @@ msgstr "" "nicht voll qualifizierter Name angefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "gibt beim Nachschlagen der Gruppe nicht die Gruppenmitglieder zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2985,7 +3036,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2993,12 +3044,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "auth_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3007,7 +3058,7 @@ msgstr "" "Authentifizierungsanbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3018,7 +3069,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3030,24 +3081,24 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Authentifizierung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "»local«: SSSDs interner Anbieter für lokale Benutzer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "»none« deaktiviert explizit die Authentifizierung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3056,12 +3107,12 @@ msgstr "" "mit Authentifizierungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "access_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3072,7 +3123,7 @@ msgstr "" "Backends enthalten sind). Interne Spezialanbieter sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3081,12 +3132,12 @@ msgstr "" "für eine lokale Domain." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "»deny« verweigert dem Zugriff immer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3099,7 +3150,7 @@ msgstr "" "simple</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3107,22 +3158,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "Voreinstellung: »permit«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "chpass_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3131,7 +3182,7 @@ msgstr "" "Folgende Anbieter von Passwortänderungen werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3139,7 +3190,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3151,19 +3202,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Passwortänderung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "»none« verbietet explizit Passwortänderungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3172,19 +3223,19 @@ msgstr "" "kann mit Passwortänderungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "sudo_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "der für diese Domain benutzte Sudo-Anbieter. Folgende Sudo-Anbieter werden " "unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3195,7 +3246,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3204,7 +3255,7 @@ msgstr "" "Vorgabeeinstellungen für IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3213,19 +3264,19 @@ msgstr "" "Vorgabeeinstellungen für AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "»none« deaktiviert explizit Sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3242,7 +3293,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3251,12 +3302,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "selinux_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3267,7 +3318,7 @@ msgstr "" "Zugriffsanbieter beendet hat. Folgende SELinux-Anbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3279,12 +3330,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "»none« verbietet explizit das Abholen von SELinux-Einstellungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3293,12 +3344,12 @@ msgstr "" "kann SELinux-Ladeanfragen handhaben." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "subdomains_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3308,7 +3359,7 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3320,7 +3371,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3329,17 +3380,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "»none« deaktiviert explizit das Abholen von Subdomains." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3347,37 +3398,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "autofs_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3385,7 +3436,7 @@ msgstr "" "»autofs« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3397,7 +3448,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3409,7 +3460,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3417,17 +3468,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "»none« deaktiviert explizit »autofs«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "hostid_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3436,7 +3487,7 @@ msgstr "" "wird. Folgende Anbieter von »hostid« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3448,12 +3499,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "»none« deaktiviert explizit »hostid«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3468,7 +3519,7 @@ msgstr "" "(NetBIOS-) Namen der Domain entsprechen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3480,22 +3531,22 @@ msgstr "" "P<Name>[^@\\\\]+)$))« " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "Benutzername@Domain.Name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "Domain\\Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3505,7 +3556,7 @@ msgstr "" "Windows-Domains zu ermöglichen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3515,7 +3566,7 @@ msgstr "" "bedeutet »der Name ist alles bis zum »@«-Zeichen, die Domain alles danach«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3525,17 +3576,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Voreinstellung: »%1$s@%2$s«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "lookup_family_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3543,46 +3594,46 @@ msgstr "" "ermöglicht es, die bei DNS-Abfragen zu bevorzugende Adressfamilie zu wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "unterstützte Werte:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: versucht die IPv4- und, falls dies fehlschlägt, die IPv6-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: versucht, nur Rechnernamen zu IPv4-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: versucht die IPv6- und, falls dies fehlschlägt, die IPv4-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: versucht, nur Rechnernamen zu IPv6-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "Voreinstellung: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3591,25 +3642,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Voreinstellung: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3618,52 +3669,52 @@ msgstr "" "DNS-Dienstabfrage an." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "Voreinstellung: Der Domain-Teil des Rechnernamens wird benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "override_gid (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "überschreibt die Haupt-GID mit der angegebenen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3671,7 +3722,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3679,17 +3730,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3697,34 +3748,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3732,32 +3783,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "flacher (NetBIOS-) Name einer Subdomain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3772,7 +3823,7 @@ msgstr "" "verwendet werden. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -3780,17 +3831,17 @@ msgstr "" "überschrieben werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Voreinstellung: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "realmd_tags (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -3798,12 +3849,12 @@ msgstr "" "Kennzeichnungen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3811,12 +3862,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3824,26 +3875,86 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"gültige Optionen für Proxy-Domains. <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3851,7 +3962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3860,7 +3971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3872,17 +3983,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "das Proxy-Ziel, an das PAM weiterleitet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3892,12 +4003,12 @@ msgstr "" "hinzufügen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3908,12 +4019,12 @@ msgstr "" "$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3927,12 +4038,12 @@ msgstr "" "veranlassen, die ID im Zwischenspeicher nachzuschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3940,7 +4051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3949,12 +4060,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3971,7 +4082,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3979,17 +4090,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3998,7 +4109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4008,7 +4119,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -4028,12 +4139,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "Der Abschnitt lokale Domain" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4044,29 +4155,29 @@ msgstr "" "<replaceable>ID_Anbieter=lokal</replaceable> benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "default_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "die Standard-Shell für Anwender, die mit den SSSD-Werkzeugen für den " "Benutzerbereich erstellt wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "Voreinstellung: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "base_directory (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4075,17 +4186,17 @@ msgstr "" "replaceable> und benutzen dies als Home-Verzeichnis." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "Voreinstellung: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "create_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4094,17 +4205,17 @@ msgstr "" "werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "Voreinstellung: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "remove_homedir (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4113,12 +4224,12 @@ msgstr "" "entfernt werden soll; kann auf der Befehlszeile überschrieben werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "homedir_umask (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4129,17 +4240,17 @@ msgstr "" "Standardzugriffsrechte für ein neu erstelltes Home-Verzeichnis anzugeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "Voreinstellung: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "skel_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4152,17 +4263,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry> erstellt wird" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "Voreinstellung: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "mail_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4173,17 +4284,17 @@ msgstr "" "wurde. Ist dies nicht angegeben wird ein Standardwert verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "Voreinstellung: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "userdel_cmd (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4195,17 +4306,17 @@ msgstr "" "berücksichtigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "Voreinstellung: keine, es wird kein Befehl ausgeführt" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4216,64 +4327,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -4327,7 +4438,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4336,7 +4447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4344,7 +4455,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4530,7 +4641,7 @@ msgstr "" "rfc/rfc2254.txt spezifiziert, sein." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Beispiele:" @@ -4650,53 +4761,98 @@ msgstr "Voreinstellung: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "Derzeit werden vier Schematypen unterstützt:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Voreinstellung: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "der Standard-Bind-Domain-Name, der zum Durchführen von LDAP-Aktionen benutzt " "wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "der Typ des Authentifizierungs-Tokens des Standard-Bind-Domain-Namens" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Die beiden derzeit unterstützten Mechanismen sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Voreinstellung: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -4705,72 +4861,72 @@ msgstr "" "nur Klartextpasswörter unterstützt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "die Objektklasse eines Benutzereintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Voreinstellung: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "das LDAP-Attribut, das zum Anmeldenamen des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "das LDAP-Attribut, das zu der ID des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Voreinstellung: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "das LDAP-Attribut, das zu der Hauptgruppen-ID des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Voreinstellung: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4778,82 +4934,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "das LDAP-Attribut, das zum Gecos-Feld des Benutzers gehört" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Voreinstellung: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" "das LDAP-Attribut, das den Namen des Home-Verzeichnisses des Benutzers " "enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Voreinstellung: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "das LDAP-Attribut, das den Pfad zur Standard-Shell des Benutzers enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Voreinstellung: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -4862,17 +5018,17 @@ msgstr "" "Dies wird normalerweise nur für Active-Directory-Server benötigt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -4881,17 +5037,17 @@ msgstr "" "übergeordneten Objekt enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "Voreinstellung: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4904,17 +5060,17 @@ msgstr "" "manvolnum> </citerefentry> (Datum der letzten Passwortänderung) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Voreinstellung: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4927,17 +5083,17 @@ msgstr "" "manvolnum> </citerefentry> (Mindestpasswortalter) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Voreinstellung: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4950,17 +5106,17 @@ msgstr "" "manvolnum> </citerefentry> (maximales Passwortalter) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Voreinstellung: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4973,17 +5129,17 @@ msgstr "" "manvolnum> </citerefentry> (Passwortwarnperiode) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Voreinstellung: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4996,17 +5152,17 @@ msgstr "" "manvolnum> </citerefentry> (Passwortinaktivitätsperiode) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Voreinstellung: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5019,17 +5175,17 @@ msgstr "" "manvolnum> </citerefentry> (Ablaufdatum des Kontos) gehört." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Voreinstellung: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5040,17 +5196,17 @@ msgstr "" "Passwortänderung in Kerberos gespeichert sind." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Voreinstellung: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5060,17 +5216,17 @@ msgstr "" "das aktuelle Passwort erlischt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Voreinstellung: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5080,17 +5236,17 @@ msgstr "" "Konto erlischt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Voreinstellung: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5100,17 +5256,17 @@ msgstr "" "Benutzerkontos gespeichert ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Voreinstellung: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5119,17 +5275,17 @@ msgstr "" "legt dieser Parameter fest, ob Zugriff gewährt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Voreinstellung: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5138,17 +5294,17 @@ msgstr "" "fest, ob Zugriff gewährt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Voreinstellung: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5157,12 +5313,12 @@ msgstr "" "fest, bis zu welchem Datum Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5171,17 +5327,17 @@ msgstr "" "Stunden eines Wochentages fest, in denen Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Voreinstellung: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5190,17 +5346,17 @@ msgstr "" "Hauptbenutzername) enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Voreinstellung: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -5209,7 +5365,7 @@ msgstr "" "üblichen Benutzerattributen holen soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5226,7 +5382,7 @@ msgstr "" "unterschiedlichen LDAP-Schemata eingerichtet sind." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5238,12 +5394,12 @@ msgstr "" "verwendet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -5252,12 +5408,12 @@ msgstr "" "<quote>telephoneNumber</quote> im Zwischenspeicher." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." @@ -5266,28 +5422,28 @@ msgstr "" "<quote>phone</quote> im Zwischenspeicher." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" "das LDAP-Attribut, das die öffentlichen SSH-Schlüssel des Benutzers enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5300,12 +5456,12 @@ msgstr "" "ungleich Null, falls Sie einen Realm in Großbuchstaben wünschen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5314,12 +5470,12 @@ msgstr "" "Zwischenspeicher aufgezählter Datensätze aktualisiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5330,7 +5486,7 @@ msgstr "" "haben) und diese entfernt werden, um Platz zu sparen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5339,44 +5495,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "das LDAP-Attribut, das dem vollständigen Benutzernamen entspricht" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Voreinstellung: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" "das LDAP-Attribut, das die Gruppenmitgliedschaften des Benutzers aufführt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "Voreinstellung: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5387,7 +5543,7 @@ msgstr "" "im LDAP-Eintrag den Benutzers nutzen, um die Zugriffsrechte zu bestimmen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5396,7 +5552,7 @@ msgstr "" "SSSD eine explizite Erlaubnis (»svc«) und zuletzt nach »allow_all« (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5407,17 +5563,17 @@ msgstr "" "»ldap_user_authorized_service« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Voreinstellung: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5428,7 +5584,7 @@ msgstr "" "verwenden, um die Zugriffsrechte zu bestimmen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5437,7 +5593,7 @@ msgstr "" "SSSD eine explizite Erlaubnis (»host«) und zuletzt nach »allow_all« (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5448,17 +5604,17 @@ msgstr "" "»ldap_user_authorized_host« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Voreinstellung: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5466,14 +5622,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5481,37 +5637,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5521,82 +5677,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "die Objektklasse eines Gruppeneintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Voreinstellung: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "das LDAP-Attribut, das dem Gruppennamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "das LDAP-Attribut, das der Gruppen-ID entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "das LDAP-Attribut, das die Namen der Gruppenmitglieder enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Voreinstellung: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5605,17 +5761,17 @@ msgstr "" "wird normalerweise nur für Active-Directory-Server benötigt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -5624,7 +5780,7 @@ msgstr "" "eventuell weitere Flags enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5635,34 +5791,34 @@ msgstr "" "Domains herausgefiltert werden sollte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5674,7 +5830,7 @@ msgstr "" "das Schema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5691,7 +5847,7 @@ msgstr "" "erfolgt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5701,80 +5857,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Voreinstellung: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" -msgstr "ldap_groups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " "complex or deep nested groups." msgstr "" -"Diese Option teilt SSSD mit, dass es den Vorteil einer Active-Directory-" -"spezifischen Funktionalität nutzen soll, die Gruppenachschlageoptionen und " -"Bereitstellungen mit komplexen oder tief verschachtelten Gruppen zu " -"beschleunigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" -"In den meisten Fällen ist es am besten, diese Option deaktiviert zu lassen. " -"Normalerweise führt sie nur bei sehr komplexen Verschachtelungen zu einer " -"Leistungssteigerung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " "\"auto-detect\"." msgstr "" -"Falls diese Option aktiviert ist und SSSD beim Verbinden feststellt, dass " -"der Server sie unterstützt, wird SSSD sie verwenden. Daher bedeutet hier " -"»True« eigentlich »auto-detect«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" "windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> " "for more details." msgstr "" -"Hinweis: Es ist bekannt, dass diese Funktionalität derzeit nur mit Active " -"Directory 2008 R1 und neuer funktioniert. Weitere Einzelheiten finden Sie in " -"der <ulink url=\"http://msdn.microsoft.com/en-us/library/windows/desktop/" -"aa746475%28v=vs.85%29.aspx\"> MSDN™-Dokumentation</ulink>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" -msgstr "ldap_initgroups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " "dealing with complex or deep nested groups)." msgstr "" -"Diese Option teilt SSSD mit, dass es den Vorteil einer Active-Directory-" -"spezifischen Funktionalität nutzen soll, die möglicherweise Initgroups-" -"Aktionen beschleunigt (vor allem, beim Umgang mit komplexen oder " -"verschachtelten Gruppen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -5784,76 +5922,76 @@ msgstr "" "und neuere Versionen ausgeführt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "die Objektklasse eines Netzgruppeneintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_object_class« benutzt " "werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "Voreinstellung: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "das LDAP-Attribut, das dem Netzgruppennamen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_name« benutzt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "das LDAP-Attribut, das die Namen der Netzgruppenmitglieder enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Beim IPA-Anbieter sollte stattdessen »ipa_netgroup_member« benutzt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "Voreinstellung: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5861,96 +5999,96 @@ msgstr "" "enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "Diese Option ist für IPA-Anbieter nicht verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "Voreinstellung: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "Voreinstellung: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " "Rechnerobjekte" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5960,47 +6098,47 @@ msgstr "" "unter »ldap_search_base«." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "die Objektklasse eines Diensteintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "ldap_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -6008,49 +6146,49 @@ msgstr "" "das LDAP-Attribut, das die Namen von Dienstattributen und ihre Alias enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "ldap_service_port (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "das LDAP-Attribut, das den von diesem Dienst verwalteten Port enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "Voreinstellung: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "das LDAP-Attribut, das die von diesem Dienst verstandenen Protokolle enthält" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "Voreinstellung: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6061,7 +6199,7 @@ msgstr "" "Ergebnisse zurückgegeben werden (und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6072,12 +6210,12 @@ msgstr "" "Zeitüberschreitungspunkten für spezielle Nachschlagetypen ersetzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6089,12 +6227,12 @@ msgstr "" "(und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6111,12 +6249,12 @@ msgstr "" "citerefentry> zurückkehrt, falls keine Aktivität stattfindet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6125,12 +6263,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6144,17 +6282,17 @@ msgstr "" "Lebensdauer) verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "Voreinstellung: 900 (15 Minuten)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6164,17 +6302,17 @@ msgstr "" "pro Anfrage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "Voreinstellung: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6186,7 +6324,7 @@ msgstr "" "deaktiviert ist oder sich nicht ordnungsgemäß verhält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6196,7 +6334,7 @@ msgstr "" "aber nicht in der Lage, es zu benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6208,17 +6346,17 @@ msgstr "" "abgelehnt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "deaktiviert die Bereichsabfrage von Active Directory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6234,12 +6372,12 @@ msgstr "" "es so aussehen, als ob große Gruppen keine Mitglieder hätten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6250,19 +6388,19 @@ msgstr "" "Werte dieser Option werden durch OpenLDAP definiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Voreinstellung: verwendet die Voreinstellungen des System (normalerweise in " "»ldap.conf« angegeben)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6274,7 +6412,7 @@ msgstr "" "nachgeschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -6282,7 +6420,7 @@ msgstr "" "den Wert auf 0 setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6295,7 +6433,7 @@ msgstr "" "unterstützten Server sind 389/RHDS, OpenLDAP und Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6306,12 +6444,12 @@ msgstr "" "Nachschlagen ohne Rücksicht auf die Einstellung deaktiviert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6321,7 +6459,7 @@ msgstr "" "Werte angegeben werden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6330,7 +6468,7 @@ msgstr "" "oder anfordern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6342,7 +6480,7 @@ msgstr "" "Sitzung fährt normal fort." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6353,7 +6491,7 @@ msgstr "" "ungültiges Zertifikat bereitgestellt wird, wird die Sitzung sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6364,22 +6502,22 @@ msgstr "" "sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = entspricht »demand«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "Voreinstellung: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6388,7 +6526,7 @@ msgstr "" "die <command>sssd</command> erkennen wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6397,12 +6535,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6416,33 +6554,33 @@ msgstr "" "Erstellen der korrekten Namen verwendet werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "gibt die Datei an, die das Zertifikat für den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "gibt die Datei an, die den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6450,12 +6588,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6464,12 +6602,12 @@ msgstr "" "\">tls</systemitem> benutzen muss, um den Kanal abzusichern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6481,19 +6619,19 @@ msgstr "" "verlassen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Derzeit unterstützt diese Funktionalität nur das Abbilden von Active-" "Directory-ObjectSIDs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6512,17 +6650,17 @@ msgstr "" "Abbildung von IDs wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "Voreinstellung: nicht gesetzt (beide Optionen sind auf 0 gesetzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6531,12 +6669,12 @@ msgstr "" "GSSAPI getestet und wird unterstützt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -6549,14 +6687,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 -#, fuzzy -#| msgid "" -#| "Specify the SASL authorization id to use. When GSSAPI is used, this " -#| "represents the Kerberos principal used for authentication to the " -#| "directory. This option can either contain the full principal (for " -#| "example host/myhost@EXAMPLE.COM) or just the principal name (for example " -#| "host/myhost)." +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6566,25 +6697,19 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " "the first principal in keytab is returned." msgstr "" -"gibt an, welche SASL-Berechtigungs-ID benutzt werden soll. Wenn GSSAPI " -"verwendet wird, steht dies für den Kerberos-Principal, der für die " -"Authentifizierung zum Verzeichnis benutzt wird. Diese Option kann entweder " -"den vollständigen Principal (zum Beispiel Rechner/MeinRechner@EXAMPLE.COM) " -"oder nur den Namen des Principals (zum Beispiel Rechner/MeinRechner) " -"enthalten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "Voreinstellung Rechner/MeinRechner@BEREICH" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6595,17 +6720,17 @@ msgstr "" "»ldap_sasl_authid« ebenfalls den Realm enthält, wird diese Option ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "Voreinstellung: der Wert von »krb5_realm«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6615,34 +6740,34 @@ msgstr "" "Bind in eine kanonische Form zu bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "Voreinstellung: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "gibt die Keytab an, wenn SASL/GSSAPI benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Voreinstellung: Keytab des Systems, normalerweise <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6653,28 +6778,28 @@ msgstr "" "ausgewählte Mechnaismus GSSAPI ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" "gibt die Lebensdauer eines TGT in Sekunden an, falls GSSAPI benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "Voreinstellung: 86400 (24 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6693,7 +6818,7 @@ msgstr "" "Weitere Informationen finden Sie im Abschnitt »DIENSTSUCHE«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6704,7 +6829,7 @@ msgstr "" "Protokoll angeben. Falls keine gefunden werden, weicht es auf _tcp aus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6716,29 +6841,29 @@ msgstr "" "migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "gibt den Kerberos-REALM an (für SASL/GSSAPI-Authentifizierung)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Voreinstellung: Systemvoreinstellungen, siehe <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6748,12 +6873,12 @@ msgstr "" "Kerberos >= 1.7 verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6769,7 +6894,7 @@ msgstr "" "manvolnum> </citerefentry> einrichten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6780,12 +6905,12 @@ msgstr "" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6794,7 +6919,7 @@ msgstr "" "Passworts abgeschätzt werden soll. Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6803,7 +6928,7 @@ msgstr "" "kann keine Server-seitigen Passwortregelwerke deaktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6814,7 +6939,7 @@ msgstr "" "manvolnum></citerefentry>, um abzuschätzen, ob das Passwort erloschen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6826,7 +6951,7 @@ msgstr "" "Passwort geändert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -6836,17 +6961,17 @@ msgstr "" "festgelegten Regel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "gibt an, ob automatische Verweisverfolgung aktiviert werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6855,7 +6980,7 @@ msgstr "" "mit OpenLDAP Version 2.4.13 oder höher kompiliert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6869,28 +6994,28 @@ msgstr "" "merkliche Leistungsverbesserung bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "gibt an, welcher Dienstname bei aktivierter Dienstsuche benutzt werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "Voreinstellung: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6899,17 +7024,17 @@ msgstr "" "soll, der Passwortänderungen bei aktivierter Dienstsuche ermöglicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Voreinstellung: nicht gesetzt, d.h. Dienstsuche ist deaktiviert" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6918,12 +7043,12 @@ msgstr "" "Passwortänderung mit Unix-Zeit geändert wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6953,12 +7078,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "Beispiel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6970,7 +7095,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -6979,7 +7104,7 @@ msgstr "" "beschränkt, deren employeeType-Attribut auf »admin« gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6988,17 +7113,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "Voreinstellung: leer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7007,7 +7132,7 @@ msgstr "" "Zugriffssteuerungsattribute aktiviert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7018,12 +7143,12 @@ msgstr "" "einem geeigneten Fehlercode zurückweisen, wenn das Passwort korrekt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7032,7 +7157,7 @@ msgstr "" "»ldap_user_shadow_expire«, um zu bestimmen, ob das Konto abgelaufen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7045,7 +7170,7 @@ msgstr "" "gewährt. Außerdem wird die Ablaufzeit des Kontos geprüft." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7056,7 +7181,7 @@ msgstr "" "Zugriff erlaubt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7069,7 +7194,7 @@ msgstr "" "Zugriff gewährt wird. Falls diese Attribute fehlen, wird Zugriff erteilt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7080,24 +7205,24 @@ msgstr "" "»ldap_account_expire_policy« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "ldap_access_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "durch Kommata getrennte Liste von Zugriffssteuerungsoptionen. Folgende Werte " "sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: verwendet »ldap_access_filter«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7107,14 +7232,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7127,12 +7252,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7142,7 +7267,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7152,20 +7277,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7174,33 +7299,33 @@ msgstr "" "»authorizedService«, um zu bestimmen, ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: verwendet das Attribut »host«, um zu bestimmen, " "ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "Voreinstellung: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7209,12 +7334,12 @@ msgstr "" "mehr als einmal benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7223,22 +7348,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "ldap_deref (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7247,12 +7372,12 @@ msgstr "" "folgenden Optionen sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: Alias werden nie dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7262,7 +7387,7 @@ msgstr "" "Suche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7271,7 +7396,7 @@ msgstr "" "der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7280,7 +7405,7 @@ msgstr "" "Orten des Basisobjekts der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7289,12 +7414,12 @@ msgstr "" "<emphasis>never</emphasis> gehandhabt.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7303,7 +7428,7 @@ msgstr "" "beizubehalten, die das Schema RFC2307 benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7321,7 +7446,7 @@ msgstr "" "getpw*() oder initgroups() abzurufen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7332,24 +7457,24 @@ msgstr "" "die lokalen Benutzer um zusätzliche LDAP-Gruppen erweitert werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7369,12 +7494,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "SUDO-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7385,52 +7510,52 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "die Objektklasse eines Sudo-Regeleintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "Voreinstellung: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "das LDAP-Attribut, das dem Namen der Sudo-Regel entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "das LDAP-Attribut, das dem Namen des Befehls entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "Voreinstellung: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7439,17 +7564,17 @@ msgstr "" "Netzwerk oder des Netzwerkgruppe des Rechners) entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "Voreinstellung: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7458,32 +7583,32 @@ msgstr "" "oder der Netzwerkgruppe des Benutzers) entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "Voreinstellung: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "das LDAP-Attribut, das den Sudo-Optionen entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "Voreinstellung: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7492,17 +7617,17 @@ msgstr "" "ausgeführt werden können" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "Voreinstellung: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7511,17 +7636,17 @@ msgstr "" "worunter Befehle ausgeführt werden können" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "Voreinstellung: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7530,17 +7655,17 @@ msgstr "" "Sudo-Regel gültig wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "Voreinstellung: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7549,32 +7674,32 @@ msgstr "" "der die Sudo-Regel nicht länger gültig ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "Voreinstellung: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "das LDAP-Attribut, das dem Reihenfolgenindex der Regel entspricht" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "Voreinstellung: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7584,7 +7709,7 @@ msgstr "" "heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7593,17 +7718,17 @@ msgstr "" "emphasis> sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "Voreinstellung: 21600 (6 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7614,7 +7739,7 @@ msgstr "" "höchste USN der zwischengespeicherten Regeln haben, heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7623,12 +7748,12 @@ msgstr "" "das Attribut »modifyTimestamp« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7638,12 +7763,12 @@ msgstr "" "Netzwerkadressen und Rechnernamen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7652,7 +7777,7 @@ msgstr "" "Domain-Namen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7661,8 +7786,8 @@ msgstr "" "voll qualifizierten Domain-Namen automatisch herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7671,17 +7796,17 @@ msgstr "" "emphasis> ist, hat diese Option keine Auswirkungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "Voreinstellung: nicht angegeben" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7690,7 +7815,7 @@ msgstr "" "Netzwerkadressen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7699,12 +7824,12 @@ msgstr "" "herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7713,12 +7838,12 @@ msgstr "" "eine Netzgruppe im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7727,7 +7852,7 @@ msgstr "" "einen Platzhalter im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7740,87 +7865,87 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "AUTOFS-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "Der Name der Automount-Master-Abbildung in LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "Voreinstellung: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "die Objektklasse eines Automount-Abbildungseintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "der Name eines Automount-Abbildungseintrags in LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7829,24 +7954,24 @@ msgstr "" "Eintrag einem Einhängepunkt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7859,32 +7984,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "ERWEITERTE OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7893,22 +8018,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7917,14 +8042,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "BEISPIEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7935,7 +8060,7 @@ msgstr "" "gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7948,27 +8073,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7984,13 +8109,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "ANMERKUNGEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8298,49 +8423,94 @@ msgstr "Kerberos Locator-Plugin" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" -"Das Kerberos Locator-Plugin <command>sssd_krb5_locator_plugin</command> wird " -"vom Kerberos-Anbieter von <citerefentry> <refentrytitle>sssd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry> verwendet, um für die Kerberos-" -"Bibliotheken festzulegen, welcher Realm und KDC verwendet werden soll. " -"Typischerweise geschieht dies in der Datei <citerefentry> " -"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>, die immer von den Kerberos-Bibliotheken gelesen wird. Um die " -"Konfiguration zu vereinfachen, können Realm und KDC in der Datei " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> definiert werden, so wie es in der Handbuchseite " -"zu <citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> beschrieben ist." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> legt den Realm und den Namen oder die IP-Adresse der " -"Schlüsselverwaltungszentrale (KDC) in den Umgebungsvariablen SSSD_KRB5_REALM " -"beziehungsweise SSSD_KRB5_KDC ab. Wenn <command>sssd_krb5_locator_plugin</" -"command> durch die Kerberos-Bibliotheken aufgerufen wird, liest es diese " -"Variablen, wertet sie aus und gibt sie an die Bibliotheken zurück." #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8352,7 +8522,7 @@ msgstr "" "Ihre Kerberos-Einrichtung widerspiegelt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -8361,13 +8531,22 @@ msgstr "" "gesetzt ist, werden Debug-Nachrichten an »stderr« gesandt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9532,7 +9711,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "dyndns_update (Boolesch)" @@ -9547,7 +9726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9569,12 +9748,12 @@ msgstr "" "Konfigurationsdatei migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9603,12 +9782,12 @@ msgid "Default: 1200 (seconds)" msgstr "Voreinstellung: 1200 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "dyndns_iface (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9636,17 +9815,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9654,7 +9833,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -9689,7 +9868,7 @@ msgstr "" "gefundenen als Sicherungsserver." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (Ganzzahl)" @@ -9705,12 +9884,12 @@ msgstr "" "Diese Option ist optional und nur anwendbar, wenn »dyndns_update« »true« ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9735,12 +9914,12 @@ msgid "Default: False (disabled)" msgstr "Voreinstellung: False (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -9749,38 +9928,38 @@ msgstr "" "DNS-Server verwenden soll" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Voreinstellung: False (lässt Nsupdate das Protokoll auswählen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -9904,26 +10083,26 @@ msgstr "" "zu verwenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9942,7 +10121,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "Voreinstellung: 5 (Sekunden)" @@ -10271,37 +10450,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:734 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Diese Konfigurationsoptionen können in einem Abschnitt einer Domain-" -"Konfiguration vorhanden sein, das heißt, in einem Abschnitt namens " -"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder type=" -"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:743 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"Weitere Einzelheiten finden Sie in der Handbuchseite <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> beim Parameter »dns_discovery_domain«." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:753 @@ -10328,10 +10490,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:767 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:770 sssd-ipa.5.xml:797 @@ -10340,24 +10500,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:773 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:776 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:788 @@ -10939,24 +11093,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: 5 (seconds)" +msgid "Default: False (seconds)" +msgstr "Voreinstellung: 5 (Sekunden)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10964,14 +11141,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10979,7 +11156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10990,79 +11167,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11070,7 +11211,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11078,7 +11219,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11086,7 +11227,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11098,22 +11239,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11121,7 +11262,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11129,7 +11270,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11137,7 +11278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11149,22 +11290,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11172,14 +11313,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11187,7 +11328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11198,18 +11339,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11217,14 +11364,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11232,7 +11379,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11243,19 +11390,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11263,7 +11410,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11275,39 +11422,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11315,12 +11452,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11333,57 +11470,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11391,17 +11528,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11411,12 +11548,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11434,19 +11571,19 @@ msgstr "" "»dyndns_iface« angegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "Voreinstellung: 3600 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11456,12 +11593,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Voreinstellung: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11473,7 +11610,7 @@ msgstr "" "Optionen von AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11497,7 +11634,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11509,7 +11646,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11520,7 +11657,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11530,7 +11667,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -14587,10 +14724,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:93 -#, fuzzy -#| msgid "client_idle_timeout" msgid "p11_child_timeout" -msgstr "client_idle_timeout" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:94 @@ -14599,19 +14734,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:96 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "can be used to control how the certificates are validated (see " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for details)." msgstr "" -"Weitere Einzelheiten finden Sie in der Handbuchseite <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry> beim Parameter »dns_discovery_domain«." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:101 @@ -14752,22 +14879,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-U</option>,<option>--users</option>" -msgid "<option>-k</option>,<option>--pubkeys</option>" -msgstr "<option>-U</option>,<option>--users</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." msgstr "" -"sucht in der SSSD-Domain nach <replaceable>DOMAIN</replaceable> öffentlichen " -"Schlüsseln für den Rechner." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -14893,10 +15012,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "ldap_access_filter (string)" msgid "passwd_files (string)" -msgstr "ldap_access_filter (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -14908,17 +15025,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: password" msgid "Default: /etc/passwd" -msgstr "Voreinstellung: password" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "ldap_netgroup_triple (string)" msgid "group_files (string)" -msgstr "ldap_netgroup_triple (Zeichenkette)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -14930,10 +15043,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: nisNetgroup" msgid "Default: /etc/group" -msgstr "Voreinstellung: nisNetgroup" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -17668,6 +17779,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" @@ -17770,20 +17901,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." -#~ msgstr "" -#~ "BITTE BEACHTEN SIE: Die Unterstützung für nicht eindeutig benannte " -#~ "Musterteile ist nicht auf allen Plattformen (z.B. RHEL5 und SLES10) " -#~ "vorhanden. Nur Plattformen mit Libpcre Version 7 oder höher können nicht " -#~ "eindeutig benannte Musterteile unterstützen." - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "BITTE BEACHTEN SIE AUCH: Ältere Versionen von Libpcre unterstützen für " -#~ "Beschriftungsmusterteile nur die Python-Syntax (?P<Name>)." diff --git a/src/man/po/es.po b/src/man/po/es.po index b8c1c0c5770..693f9ce967a 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -11,13 +11,15 @@ # vareli <ehespinosa@ya.com>, 2013 # vareli <ehespinosa@ya.com>, 2013 # Daniel Cabrera <logan@fedoraproject.org>, 2011 +# Emilio Herrera <ehespinosa57@gmail.com>, 2018. #zanata +# Emilio Herrera <ehespinosa57@gmail.com>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" -"PO-Revision-Date: 2014-12-14 11:54+0000\n" -"Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" +"PO-Revision-Date: 2019-03-17 04:48+0000\n" +"Last-Translator: Emilio Herrera <ehespinosa57@gmail.com>\n" "Language-Team: Spanish (http://www.transifex.com/projects/p/sssd/language/" "es/)\n" "Language: es\n" @@ -25,7 +27,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -186,6 +188,10 @@ msgid "" "<replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" " " msgstr "" +"<replaceable>[section]</replaceable>\n" +"<replaceable>key</replaceable> = <replaceable>value</replaceable>\n" +"<replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" " #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:24 @@ -212,16 +218,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 -#, fuzzy -#| msgid "" -#| "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -#| "(<quote>;</quote>). Inline comments are not supported." msgid "" "A comment line starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>). Inline comments are not supported." msgstr "" -"Una línea de comentario comienza con una almohadilla (<quote>#</quote>) o un " -"punto y coma (<quote>;</quote>). No se soportan los comentarios en línea." +"Una línea de comentario empieza con una almohadilla (<quote>#</quote>) o un " +"punto y coma (<quote>;</quote>). Los comentarios en línea no están " +"soportados." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:47 @@ -246,7 +249,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:59 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" -msgstr "" +msgstr "FRAGMENTOS DE CONFIGURACIÓN DESDE EL DIRECTORIO INCLUDE" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:62 @@ -256,6 +259,10 @@ msgid "" "filename>. This feature is available if SSSD was compiled with libini " "version 1.3.0 or later." msgstr "" +"El fichero de configuración <filename>sssd.conf</filename> incluirá " +"fragmenteo de configuración usando el directorio include <filename>conf.d</" +"filename>. Esta característica está disponible si SSSD fue compilado con " +"libini versión 1.3.0 o posterior." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:69 @@ -265,6 +272,10 @@ msgid "" "(<quote>.</quote>) will be used together with <filename>sssd.conf</filename> " "to configure SSSD." msgstr "" +"Cualquier fichero situado en <filename>conf.d</filename> que termine en " +"<quote><filename>.conf</filename></quote> y no empiece con un punto (<quote>." +"</quote>) será usado junto con <filename>sssd.conf</filename> para " +"configurar SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:77 @@ -278,6 +289,14 @@ msgid "" "<filename>02_snippet.conf</filename> etc.) can help visualize the priority " "(higher number means higher priority)." msgstr "" +"Los fragmentos de configuración de <filename>conf.d</filename> tienen mayor " +"prioridad que los de <filename>sssd.conf</filename> y anularán " +"<filename>sssd.conf</filename> cuando ocurran conflictos. Si varios " +"fragmentos están presentes en <filename>conf.d</filename> serán incluidos en " +"orden alfabético (en base a la localización). Los ficheros incluidos más " +"tarde tienen prioridad mas alta. Prefijos numéricos (<filename>01_snippet." +"conf</filename>, <filename>02_snippet.conf</filename> etc.) pueden ayudar a " +"visualizar la prioridad (números mas altos significan prioridad más alta)." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:91 @@ -285,21 +304,25 @@ msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>. Which are by default root:root and 0600." msgstr "" +"Los ficheros fragmentos requieren los mismos propietarios y permisos que " +"<filename>sssd.conf</filename>. Que son por defecto root:root y 0600." #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:98 msgid "GENERAL OPTIONS" -msgstr "" +msgstr "OPCIONES GENERALES" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:100 msgid "Following options are usable in more than one configuration sections." msgstr "" +"Las siguientes opciones son útiles en más de una de las secciones de " +"configuración." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:104 msgid "Options usable in all sections" -msgstr "" +msgstr "Opciones utilizables en todas las secciones" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:108 @@ -309,7 +332,7 @@ msgstr "debug_level (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:112 msgid "debug (integer)" -msgstr "" +msgstr "debug (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:115 @@ -319,6 +342,10 @@ msgid "" "are specified, the value of <replaceable>debug_level</replaceable> will be " "used." msgstr "" +"SSSD 1.14 y posteriores también incluyen el alias <replaceable>debug</" +"replaceable> para <replaceable>debug_level</replaceable> como ua " +"característica de conveniencia. Si se usan ambas se usará el valor de " +"<replaceable>debug_level</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:125 @@ -331,13 +358,15 @@ msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" +"Añade una sello de tiempo a los mensajes de depuración. Si journald está " +"habilitado para el registro de la depuración SSSD esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Predeterminado: true" @@ -353,19 +382,22 @@ msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" +"Añade microsegundos al sello de tiempo en los mensajes de depuración. Si " +"journald está habilitado para el registro de la depuración SSSD esta opción " +"se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Predeterminado: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -374,7 +406,7 @@ msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:155 msgid "Options usable in SERVICE and DOMAIN sections" -msgstr "" +msgstr "Opciones utilizables en las secciones SERVICIO y DOMINIO" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:159 @@ -388,10 +420,13 @@ msgid "" "ensure that the process is alive and capable of answering requests. Note " "that after three missed heartbeats the process will terminate itself." msgstr "" +"Tiempo de salid en segundos entre pulsaciones para este servicio. Se usa " +"para asegurar que el proceso está vivo y capaz de contestar peticiones. " +"Advierta que después de tres pulsaciones perdidas el servicio se terminará." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Predeterminado: 10" @@ -406,7 +441,7 @@ msgid "The [sssd] section" msgstr "La sección [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "Parámetros de sección" @@ -437,6 +472,10 @@ msgid "" "platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" +"Lista separada por comas de los servicios que se han iniciado cuando el " +"mismo sssd se inició. <phrase condition=\"have_systemd\"> La lista de " +"servicios es opcional sobre plataformas donde se soporta systemd, ya que " +"serán enchufados o activado D-Bus cuando sea necesario. </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:214 @@ -446,6 +485,10 @@ msgid "" "\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</" "phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" msgstr "" +"Servicios soportados: nss, pam <phrase condition=\"with_sudo\">, sudo</" +"phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " +"condition=\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder" +"\">, pac</phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:222 @@ -454,6 +497,9 @@ msgid "" "and the administrator must enable the ones allowed to be used by executing: " "\"systemctl enable sssd-@service@.socket\". </phrase>" msgstr "" +"<phrase condition=\"have_systemd\"> Por defecto, todos los servicios están " +"deshabilitados y el administrador debe habilitar aquellos que permita que se " +"usen para ejecución: \"systemctl enable sssd-@service@.socket\". </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:231 sssd.conf.5.xml:614 @@ -488,9 +534,15 @@ msgid "" "them to be queried. A domain name should only consist of alphanumeric ASCII " "characters, dashes, dots and underscores." msgstr "" +"Un dominio es una base de datos que contiene información del usuario. SSSD " +"puede usar más dominios a la vez, pero al menos se debe configurar uno o " +"SSSD no arrancará. Este parámetros describe la lista de dominios en el " +"orden que usted desea que sean consultados. Un nombre de dominio debería " +"solo constar de caracteres ASCII alfanuméricos, guiones, puntos y guiones " +"bajos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -510,58 +562,71 @@ msgid "" "ID providers there are also default regular expressions. See DOMAIN SECTIONS " "for more info on these regular expressions." msgstr "" +"Cada dominio puede tener una expresión regular individual configurada. Para " +"algunos proveedores de ID hay también expresiones regulares por defecto. Vea " +"las SECCIONES DOMINIO para mas información sobre estas expresiones regulares." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " "fully qualified name from user name and domain name components." msgstr "" +"<citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" +"manvolnum> </citerefentry>-formato compatible que describe como componer un " +"nombre de dominio totalmente cualificado y los componentes del nombre de " +"dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" -msgstr "" +msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" -msgstr "" +msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" -msgstr "" +msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" +"nombre de dominio como se especifica en el fichero de configuración SSSD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" -msgstr "" +msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" +"nombre plano de dominio. Principalmente usado por los dominios Active " +"Directory tanto los configurados directamente como los descubiertos por " +"medio de IPA de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" +"Son soportadas las siguientes expresiones: <placeholder type=\"variablelist" +"\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 @@ -656,7 +721,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:370 msgid "user (string)" -msgstr "" +msgstr "usuario (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:373 @@ -670,11 +735,20 @@ msgid "" "permissions may result in a non-usable SSSD. The same may occur in case of " "changes of the user running the NSS responder. </phrase>" msgstr "" +"El usuario debe dejar los privilegios donde corresponda para evitar que se " +"ejecute como usuario root. <phrase condition=\"have_systemd\"> Esta opción " +"no funciona cuando se están ejecutando servicios activados por socket, " +"puesto que el ajuste para que el usuario corra los procesos se fijan en el " +"momento de la compilación. El modo de anular la unidad de ficheros systemd " +"es creando los ficheros apropiados en /etc/systemd/system/. Tenga en cuenta " +"que cualquier cambio en el socket de usuario, grupo o permisos puede llevar " +"a un SSSD no utilizable. Lo mismo puede ocurrir en el caso de cambios del " +"usuario que ejecuta el contestador NSS. </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:391 msgid "Default: not set, process will run as root" -msgstr "" +msgstr "Por defecto: no ajustado, los procesos correrán como root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:396 @@ -706,11 +780,16 @@ msgid "" "is not allowed to use this option together with use_fully_qualified_names " "set to False." msgstr "" +"Por favor advierta que si se ajusta esta opción todos los usuarios del " +"domino primario tiene que usar su nombre totalmente cualificado, e.g. " +"user@domain.name, para acceder. Fijando esta opción cambia el predeterminado " +"de use_fully_qualified_names a True. No está permitido usar esta opción unto " +"con use_fully_qualified_names fijado a False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -721,7 +800,7 @@ msgstr "Predeterminado: no definido" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:423 msgid "override_space (string)" -msgstr "" +msgstr "override_space (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:426 @@ -732,6 +811,12 @@ msgid "" "scripts that have difficulty handling spaces, due to the default field " "separator in the shell." msgstr "" +"Este parámetro reemplazará los espacios (barra espaciadora) con los " +"caracteres dados para los nombres de usuario y grupos. e.g. (_). Nombre de " +"usuario "john doe" será "john_doe" Esta característica " +"se ha añadido para ayudar a la compatibilidad los scripts de shell que " +"tienen dificultades con el manejo de espacios, debido al campo separador " +"predeterminado en el shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:435 @@ -741,21 +826,25 @@ msgid "" "character SSSD tries to return the unmodified name but in general the result " "of a lookup is undefined." msgstr "" +"Por favor advierta que es un error de configuración usar un carácter de " +"reemplazo que pueda ser usado en los nombres de grupo o usuario. Si un " +"nombre contiene el carácter de reemplazo SSSD intentará devolver un nombre " +"no modificado pero en general el resultado de la búsqueda es indefinido." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:443 msgid "Default: not set (spaces will not be replaced)" -msgstr "" +msgstr "Por defecto: no ajustado (los espacios no serán reemplazados)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:448 msgid "certificate_verification (string)" -msgstr "" +msgstr "certificate_verification (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:456 msgid "no_ocsp" -msgstr "" +msgstr "no_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:458 @@ -764,11 +853,14 @@ msgid "" "needed if the OCSP servers defined in the certificate are not reachable from " "the client." msgstr "" +"Deshabilita la comprobación de Protocolo de Estado de Certificado en Línea " +"(OCSP). Esto puede ser necesario si los servidores OCSP definidos en el " +"certificado no son alcanzables por el cliente." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:466 msgid "no_verification" -msgstr "" +msgstr "no_verification" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:468 @@ -776,11 +868,13 @@ msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" +"Deshabilita la verificación completamente. Esto opción solo se debería usar " +"para pruebas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:474 msgid "ocsp_default_responder=URL" -msgstr "" +msgstr "ocsp_default_responder=URL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:476 @@ -789,30 +883,47 @@ msgid "" "mentioned in the certificate. URL must be replaced with the URL of the OCSP " "default responder e.g. http://example.com:80/ocsp." msgstr "" +"Fija el contestador OCSP por defecto que será usando en lugar del mencionado " +"en el certificado. La URL debe ser reemplazada con la URL del contestador " +"OCSP por defecto e.g. http://example.com:80/ocsp." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:482 +#, fuzzy +#| msgid "" +#| "(NSS Version) This option must be used together with " +#| "ocsp_default_responder_signing_cert." msgid "" "This option must be used together with ocsp_default_responder_signing_cert." msgstr "" +"(Versión NSS) Esta opción debe ser usada junto con " +"ocsp_default_responder_signing_cert." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:490 msgid "ocsp_default_responder_signing_cert=NAME" -msgstr "" +msgstr "ocsp_default_responder_signing_cert=NAME" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:492 +#, fuzzy +#| msgid "" +#| "(NSS Version) The nickname of the cert to trust (expected) to sign the " +#| "OCSP responses. The certificate with the given nickname must be " +#| "available in the systems NSS database." msgid "" "The nickname of the cert to trust (expected) to sign the OCSP responses. " "The certificate with the given nickname must be available in the systems NSS " "database." msgstr "" +"(NSS Version) El apodo del certificado en el que confiar (esperado) para " +"firmar las respuestas OCSP. El certificado con el apodo dado debe estar " +"disponible en la base de datos NSS del sistema." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:497 msgid "This option must be used together with ocsp_default_responder." -msgstr "" +msgstr "Esta opción debe ser usada junto con ocsp_default_responder." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 @@ -821,21 +932,25 @@ msgid "" "separated list of options. Supported options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"Con este parámetros la verificación del certificado se puede sintonizar con " +"una lista de opciones separadas por comas. Las opciones soportadas son: " +"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:504 msgid "Unknown options are reported but ignored." -msgstr "" +msgstr "Se informa de las opciones desconocidas pero son ignoradas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:507 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" +"Por defecto: no fijado, i.e. no restringe la verificación de certificado" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:513 msgid "disable_netlink (boolean)" -msgstr "" +msgstr "disable_netlink (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:516 @@ -843,6 +958,8 @@ msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" +"SSSD se engancha en el interfaz netlink para monitorizar los cambios a " +"rutas, direcciones, enlaces y disparar ciertas acciones." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:521 @@ -850,16 +967,19 @@ msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" +"Los cambios en el estado de SSSD causados por eventos en enlace de red " +"pueden ser no deseados y pueden ser deshabilitados ajustando esta opción a " +"'true'" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:526 msgid "Default: false (netlink changes are detected)" -msgstr "" +msgstr "Predeterminado: false (se detectan los cambio de enlace de red)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:531 msgid "enable_files_domain (boolean)" -msgstr "" +msgstr "enable_files_domain (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:534 @@ -867,11 +987,14 @@ msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" +"Cuando se habilita esta opción, SSSD antepone in dominio implícito con " +"<quote>id_provider=files</quote> antes de cualquier dominio explícito " +"configurado." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:548 msgid "domain_resolution_order" -msgstr "" +msgstr "domain_resolution_order" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:551 @@ -883,6 +1006,12 @@ msgid "" "subdomains which are not listed as part of <quote>lookup_order</quote> will " "be looked up in a random order for each parent domain." msgstr "" +"Lista separada por comas de dominios y subdominios que representa el orden " +"de búsqueda que se seguirá. La lista no tiene que incluir todos los " +"dominios posibles ya que los dominios que falten se buscarán en el orden que " +"se presentan en la opción de configuración <quote>domains</quote>. Los " +"subdominios que no están listados como parte de <quote>lookup_order</quote> " +"serán buscados en un orden aleatorio por cada dominio padre." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:563 @@ -900,12 +1029,26 @@ msgid "" "shortnames, making this workaround totally not recommended in cases where " "usernames may overlap between domains." msgstr "" +"Por favor, advierta que cuando se fija esta opción el formato de salida de " +"todos los comandos es siempre plenamente cualificado aunque se usen los " +"nombre cortos para la entrada, para todos los usuarios excepto los " +"gestionados por el proveedro de ficheros. En caso de que el administrador " +"desee la salida no plenamente cualificada se debe usar los opción " +"full_name_format como se muestra abajo: <quote>full_name_format=%1$s</quote> " +"Sin embargo, tenga en cuenta que durante el acceso, las aplicaciones de " +"acceso con frecuencia canonicalizan el nombre de usuario llamando a " +"<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</" +"manvolnum> </citerefentry> que, si se devuelve un nombre corto para una " +"entrada cualificada (mientras que intenta alcanzar un usuario que existe en " +"múltiples dominios) debe re-enturar el intento de acceso hacia el dominio " +"que usa nombres cortos, haciendo este rodeo totalmente no recomendado en los " +"casos donde los nombres de usuarios se deben compartir entre dominios." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" -msgstr "" +msgstr "Por defecto: No definido" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:184 @@ -991,17 +1134,22 @@ msgid "" "can't be shorter than 10 seconds. If a lower value is configured, it will be " "adjusted to 10 seconds." msgstr "" +"Esta opción especifica el número de segundos que un cliente de un proceso " +"SSSD puede conservar un descriptor de archivo sin comunicarse con él. Este " +"valor está limitado con el objetivo de evitar el agotamiento de recursos del " +"sistema. El tiempo de salida no puede ser más corto de 10 segundos. Si se " +"configura un valor más bajo será ajustado a 10 segundos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "Predeterminado: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:661 msgid "offline_timeout (integer)" -msgstr "" +msgstr "offline_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:664 @@ -1010,11 +1158,15 @@ msgid "" "back online will increase based upon the time spent disconnected. This " "value is in seconds and calculated by the following:" msgstr "" +"Cuando SSSD conmuta al modo fuera de línea la cantidad tiempo antes de que " +"intente volver a estar en línea se incrementará en base al tiempo que ha " +"estado desconectado. Este valor es en segundos y se calcula mediante lo " +"siguiente:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:671 msgid "offline_timeout + random_offset" -msgstr "" +msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:674 @@ -1022,11 +1174,14 @@ msgid "" "The random offset can increment up to 30 seconds. After each unsuccessful " "attempt to go online, the new interval is recalculated by the following:" msgstr "" +"El desplazamiento aleatorio puede ser incrementado a 30 segundos. Después " +"de cada intento fracasado de ir a línea, el nuevo intervalo se re-calcula de " +"la siguiente forma:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:679 msgid "new_interval = old_interval*2 + random_offset" -msgstr "" +msgstr "new_interval = old_interval*2 + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:682 @@ -1035,11 +1190,14 @@ msgid "" "hour. If the calculated length of new_interval is greater than an hour, it " "will be forced to one hour." msgstr "" +"Advierta que la longitud máxima de cada intervalo está limitada actualmente " +"a una hora. Si la longitud calculada de new_interval es mayor de una hora se " +"forzará a una hora." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:693 msgid "responder_idle_timeout" -msgstr "" +msgstr "responder_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:696 @@ -1052,17 +1210,24 @@ msgid "" "built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" +"Esta opción especifica el número de segundos que un proceso contestador SSSD " +"puede estar levantado sin ser usado. Este valor está limitado con el " +"objetivo de evitar el agotamiento de recursos del sistema. El valor mínimo " +"aceptable para esta opción es 60 segundos. Fijar esta opción a 0 (cero) " +"significa que se le ajustarña tiempo de espera al contestador. Esta opción " +"solo tiene efecto cuando SSSD está construido con soporte systemd y cuando " +"los servicios activados son socket o D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Predeterminado: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:715 msgid "cache_first" -msgstr "" +msgstr "cache_first" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:718 @@ -1149,7 +1314,7 @@ msgstr "" "segundos. (0 deshabilita esta función)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "Predeterminado: 50" @@ -1170,7 +1335,7 @@ msgstr "" "entradas no existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "Predeterminado: 15" @@ -1189,10 +1354,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 86400 (24 hours)" msgid "Default: 14400 (4 hours)" -msgstr "Predeterminado: 86400 (24 horas)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1205,11 +1368,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1218,17 +1381,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "Predeterminado: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1236,12 +1399,12 @@ msgstr "" "opción a false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "fallback_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1250,7 +1413,7 @@ msgstr "" "especificado una explícitamente por el proveedor de datos del dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1258,7 +1421,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1268,24 +1431,24 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Por defecto: no fijado (sin sustitución para los directorios home no fijados)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "override_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1293,17 +1456,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Por defecto: no fijado (SSSD usará el valor recuperado desde LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "allowed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1311,12 +1474,12 @@ msgstr "" "evaluación es:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Si el shell está presente en <quote>/etc/shells</quote>, se usa." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1325,7 +1488,7 @@ msgstr "" "shells</quote>, usa el valor del parámetro shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1334,12 +1497,12 @@ msgstr "" "shells</quote>, se usará un shell de no acceso." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1347,12 +1510,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "Una cadena vacía para el shell se pasa como-es a libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1362,27 +1525,27 @@ msgstr "" "una nueva shell." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "Por defecto: No fijado. La shell del usuario se usa automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "vetoed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Reemplaza cualquier instancia de estos shells con shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "shell_fallback (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1390,24 +1553,24 @@ msgstr "" "máquina." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "Predeterminado: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1417,12 +1580,12 @@ msgstr "" "normalmente /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1431,38 +1594,38 @@ msgstr "" "considerada válida." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "memcache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1473,48 +1636,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Esta opción puede ser también fijada por dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "Opciones de configuración PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1523,12 +1686,12 @@ msgstr "" "Authentication Module (PAM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1537,17 +1700,17 @@ msgstr "" "los accesos escondidos (en días desde el último login en línea con éxito)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "Predeterminado: 0 (Sin límite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1556,12 +1719,12 @@ msgstr "" "login fallados están permitidos." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1571,7 +1734,7 @@ msgstr "" "intento de login sea posible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1582,17 +1745,17 @@ msgstr "" "éxito puede habilitar otra vez la autenticación fuera de línea." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "Predeterminado: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1601,44 +1764,44 @@ msgstr "" "autenticación. Cuanto mayor sea el número de mensajes más aparecen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "Actualmente sssd soporta los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: mostrar todos los mensajes e información de " "depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "Predeterminado: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1647,61 +1810,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1713,7 +1876,7 @@ msgstr "" "información más actual." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1727,17 +1890,17 @@ msgstr "" "proveedor de identidad." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "Mostrar una advertencia N días antes que la contraseña caduque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1748,7 +1911,7 @@ msgstr "" "información desaparece, sssd no podrá mostrar un aviso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1758,7 +1921,7 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1767,17 +1930,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "Predeterminado: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1787,74 +1950,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "Predeterminado: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1862,19 +2025,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1882,12 +2045,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1895,82 +2058,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Por defecto: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Predeterminado: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." -msgstr "" +msgstr "Esta página de manual fue generada para la versión NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." -msgstr "" +msgstr "Esta página de manual fue generada para la versión OPENSSL." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "SUDO opciones de configuración" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1981,12 +2225,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1995,12 +2239,12 @@ msgstr "" "entradas de sudoers dependientes del tiempo." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2010,22 +2254,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "Opciones de configuración AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2036,22 +2280,22 @@ msgstr "" "existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "Opciones de configuración SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "Estas opciones se pueden usar para configurar el servicio SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2060,12 +2304,12 @@ msgstr "" "known_host. " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2074,53 +2318,43 @@ msgstr "" "después de que se hayan pedido sus claves de host." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "Por defecto: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " "entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details." msgstr "" -"El directorio esqueleto, el cual contiene archivos y directorios a copiarse " -"en el directorio principal del usuario, cuando se crea el directorio " -"principal de <citerefentry><refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "Opciones de configuración del respondedor PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2131,7 +2365,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2142,24 +2376,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2169,14 +2403,14 @@ msgstr "" "usuario que tiene el acceso permitido al respondedor PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Por defecto: 0 (sólo el usuario root tiene permitido el acceso al " "respondedor PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2189,24 +2423,24 @@ msgstr "" "lista de UIDs permitidas también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2216,66 +2450,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2283,17 +2517,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2301,7 +2535,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2309,22 +2543,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "SECCIONES DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2333,14 +2567,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2349,31 +2583,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2382,7 +2616,7 @@ msgstr "" "está fuera de estos límites, ésta es ignorada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2395,24 +2629,24 @@ msgstr "" "reportados como en espera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "enumerar (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2421,29 +2655,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Usuarios y grupos son enumerados" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Sin enumeraciones para este dominio" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "Predeterminado: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2457,7 +2691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2467,7 +2701,7 @@ msgstr "" "completen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2481,7 +2715,7 @@ msgstr "" "específico id_provider en uso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2490,32 +2724,32 @@ msgstr "" "especialmente en entornos grandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2524,12 +2758,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2538,7 +2772,7 @@ msgstr "" "volver a consultar al backend" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2549,17 +2783,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "Predeterminado: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2568,19 +2802,19 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "Por defecto: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2589,12 +2823,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2603,12 +2837,12 @@ msgstr "" "válidas antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2617,12 +2851,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2631,12 +2865,12 @@ msgstr "" "preguntar al backend otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2645,71 +2879,71 @@ msgstr "" "automontaje válidos antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si las credenciales del usuario están también escondidas en el " "cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Las credenciales de usuario son almacenadas en un hash SHA512, no en texto " "plano" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2717,24 +2951,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2747,17 +2981,17 @@ msgstr "" "grande o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "Predeterminado: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2770,17 +3004,17 @@ msgstr "" "configurar un proveedor de autorización para el backend." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2788,38 +3022,26 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 -#, fuzzy -#| msgid "<quote>proxy</quote>: Support a legacy NSS provider" +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." -msgstr "<quote>proxy</quote>: Soporta un proveedor NSS legado" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 -#, fuzzy -#| msgid "<quote>local</quote>: SSSD internal provider for local users" +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." -msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> " -#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on how to mirror local users and groups into SSSD." msgstr "" -"<quote>ldap</quote>: Proveedor LDAP. Vea <citerefentry> <refentrytitle>sssd-" -"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para más " -"información sobre la configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2830,8 +3052,8 @@ msgstr "" "información sobre la configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2844,8 +3066,8 @@ msgstr "" "configuración de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2857,12 +3079,12 @@ msgstr "" "Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2872,7 +3094,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2886,7 +3108,7 @@ msgstr "" "command> lo haría." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2894,22 +3116,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "No devuelve miembros de grupo para búsquedas de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2921,7 +3143,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2929,12 +3151,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2943,7 +3165,7 @@ msgstr "" "autenticación soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2954,7 +3176,7 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2965,7 +3187,7 @@ msgstr "" "citerefentry> para más información sobre la configuración de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -2973,17 +3195,17 @@ msgstr "" "objetivo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> deshabilita la autenticación explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2992,12 +3214,12 @@ msgstr "" "manejar las peticiones de autenticación." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3008,7 +3230,7 @@ msgstr "" "proveedores especiales internos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3017,12 +3239,12 @@ msgstr "" "sólo permitido para un dominio local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> siempre niega el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3035,7 +3257,7 @@ msgstr "" "configuración del módulo de acceso sencillo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3043,22 +3265,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3067,7 +3289,7 @@ msgstr "" "el dominio. Los proveedores de cambio de passweord soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3075,7 +3297,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3086,7 +3308,7 @@ msgstr "" "citerefentry> para más información sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3094,13 +3316,13 @@ msgstr "" "otros objetivos PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> deniega explícitamente los cambios en la contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3109,18 +3331,18 @@ msgstr "" "puede manejar las peticiones de cambio de password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3131,33 +3353,33 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote>deshabilita SUDO explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3168,7 +3390,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3177,12 +3399,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3193,7 +3415,7 @@ msgstr "" "finalice. Los proveedores selinux soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3205,14 +3427,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> deshabilita ir a buscar los ajustes selinux " "explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3221,12 +3443,12 @@ msgstr "" "manejar las peticiones de carga selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3236,7 +3458,7 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3248,7 +3470,7 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3257,18 +3479,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> deshabilita el buscador de subdominios explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3276,37 +3498,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3314,7 +3536,7 @@ msgstr "" "son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3326,7 +3548,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3338,7 +3560,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3346,17 +3568,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> deshabilita autofs explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3365,7 +3587,7 @@ msgstr "" "proveedores de hostid soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3377,12 +3599,12 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> deshabilita hostid explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3392,7 +3614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3405,22 +3627,22 @@ msgstr "" "nombres de usuario:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "dominio/nombre_de_usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3430,7 +3652,7 @@ msgstr "" "dominios Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3441,7 +3663,7 @@ msgstr "" "el nombre, el dominio es el resto detrás de este signo\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3451,17 +3673,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3470,42 +3692,42 @@ msgstr "" "a usar cuando se lleven a cabo búsquedas DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "Valores soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "Predeterminado: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3514,25 +3736,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Predeterminado: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3541,53 +3763,53 @@ msgstr "" "de dominio de la pregunta al descubridor de servicio DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Predeterminado: Utilizar la parte del dominio del nombre de host del equipo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "override_gid (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "Anula el valor primario GID con el especificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3595,25 +3817,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 +#, fuzzy +#| msgid "" +#| "With this parameter the certificate verification can be tuned with a " +#| "comma separated list of options. Supported options are: <placeholder type=" +#| "\"variablelist\" id=\"0\"/>" msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"Con este parámetros la verificación del certificado se puede sintonizar con " +"una lista de opciones separadas por comas. Las opciones soportadas son: " +"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3621,34 +3851,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3656,32 +3886,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3691,7 +3921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -3699,28 +3929,28 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Por defecto: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3728,12 +3958,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3741,26 +3971,86 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"Opciones válidas para dominios proxy. <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3768,7 +4058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3777,7 +4067,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3789,17 +4079,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "El proxy de destino PAM próximo a." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3808,12 +4098,12 @@ msgstr "" "pam existente o crear una nueva y añadir el nombre de servicio aquí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3824,12 +4114,12 @@ msgstr "" "$(function), por ejemplo _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3843,12 +4133,12 @@ msgstr "" "razones de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3856,7 +4146,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3865,12 +4155,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3887,7 +4177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3895,17 +4185,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3914,7 +4204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3924,7 +4214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3944,12 +4234,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "La sección de dominio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3960,29 +4250,29 @@ msgstr "" "utiliza <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminado para los usuarios creados con herramientas de " "espacio de usuario SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "Predeterminado: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -3992,17 +4282,17 @@ msgstr "" "de inicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "Predeterminado: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4011,17 +4301,17 @@ msgstr "" "Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "Predeterminado: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4030,12 +4320,12 @@ msgstr "" "borrados. Puede ser anulado desde la línea de comando." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "homedir_umask (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4046,17 +4336,17 @@ msgstr "" "predeterminados en un directorio de inicio recién creado." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "Predeterminado: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4069,17 +4359,17 @@ msgstr "" "<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "Predeterminado: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4090,17 +4380,17 @@ msgstr "" "Si no se especifica, se utiliza un valor por defecto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "Predeterminado: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4111,17 +4401,17 @@ msgstr "" "único parámetro. El código de retorno del comando no es tenido en cuenta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "Predeterminado: None, no se ejecuta comando" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4132,64 +4422,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -4243,7 +4533,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4252,7 +4542,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4260,7 +4550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4441,7 +4731,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Ejemplos:" @@ -4561,52 +4851,97 @@ msgstr "Predeterminado: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "Cuatro tipos de esquema son actualmente soportados:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Predeterminado: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "El enlazador DN por defecto a usar para llevar a cabo operaciones LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "El tipo de ficha de autenticación del enlazador DN por defecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Los dos mecanismos actualmente soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Por defecto: contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -4615,73 +4950,73 @@ msgstr "" "actualmente password de texto claro." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "La clase de objeto de una entrada de usuario en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Predeterminado: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" "El atributo LDAP que corresponde al nombre de inicio de sesión del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "El atributo LDAP que corresponde al id de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Predeterminado: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "El atributo LDAP que corresponde al id del grupo primario del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Predeterminado: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4689,82 +5024,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "El atributo LDAP que corresponde al campo de gecos del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Predeterminado: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" "El atributo LDAP que contiene el nombre del directorio principal del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Predeterminado: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "El atributo LDAP que contiene la ruta de acceso a la shell predeterminada " "del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Predeterminado: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -4773,17 +5108,17 @@ msgstr "" "es normalmente sólo necesario para servidores ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -4792,17 +5127,17 @@ msgstr "" "objeto primario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "Predeterminado: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4815,17 +5150,17 @@ msgstr "" "citerefentry> homologo (fecha del último cambio de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Predeterminado: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4838,17 +5173,17 @@ msgstr "" "citerefentry> homologo (edad mínima del password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Predeterminado: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4861,17 +5196,17 @@ msgstr "" "citerefentry> homologo (edad máxima del password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Predeterminado: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4884,17 +5219,17 @@ msgstr "" "citerefentry> homologo (período de aviso de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Predeterminado: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4907,17 +5242,17 @@ msgstr "" "citerefentry> homologo (período de inactividad de password)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Predeterminado: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4931,17 +5266,17 @@ msgstr "" "expiración de la cuenta)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Predeterminado: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4952,17 +5287,17 @@ msgstr "" "de password en kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Predeterminado: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -4972,17 +5307,17 @@ msgstr "" "el password actual." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Predeterminado: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -4991,17 +5326,17 @@ msgstr "" "nombre de un atributo LDAP que almacena el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Predeterminado: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5011,17 +5346,17 @@ msgstr "" "de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Predeterminado: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5030,17 +5365,17 @@ msgstr "" "determina si el acceso está permitido o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Predeterminado: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5049,17 +5384,17 @@ msgstr "" "acceso está permitido o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Predeterminado: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5068,12 +5403,12 @@ msgstr "" "que fecha se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5082,17 +5417,17 @@ msgstr "" "hora de un día en la semana cuando se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Predeterminado: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5101,24 +5436,24 @@ msgstr "" "del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Predeterminado: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5128,7 +5463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5136,51 +5471,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "El atributo LDAP que contiene las claves públicas SSH del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5193,12 +5528,12 @@ msgstr "" "usar mayúsculas reales." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5207,12 +5542,12 @@ msgstr "" "escondrijo de los registros enumerados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5223,7 +5558,7 @@ msgstr "" "para guardar espacio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5232,43 +5567,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "El atributo LDAP que corresponde al nombre completo del usuario." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Predeterminado: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "El atributo LDAP que lista los afiliación a grupo de usario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "Predeterminado: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5279,7 +5614,7 @@ msgstr "" "usuario para determinar el privilegio de acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5288,7 +5623,7 @@ msgstr "" "permiso explícito (svc) y finalmente permitir todo (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5296,17 +5631,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Predeterminado: iluminada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5317,7 +5652,7 @@ msgstr "" "el privilegio de acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5326,7 +5661,7 @@ msgstr "" "SSSD para permiso explícito (host) y finalmente permitir todo (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5334,17 +5669,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Default: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5352,14 +5687,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5367,37 +5702,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5407,82 +5742,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "La clase de objeto de una entrada de grupo LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Por defecto: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "El atributo LDAP que corresponde al nombre de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "El atributo LDAP que corresponde al id del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "El atributo LDAP que contiene los nombres de los miembros del grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Valor predeterminado: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5491,24 +5826,24 @@ msgstr "" "normalmente sólo necesario para servidores ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5516,34 +5851,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5555,7 +5890,7 @@ msgstr "" "esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5565,7 +5900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5575,151 +5910,135 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Predeterminado: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" -msgstr "ldap_groups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " "complex or deep nested groups." msgstr "" -"Esta opción le dice a SSSD como tomar ventajar de una función específica de " -"Active Directory que puede acelerar las operaciones de búsqueda de grupo son " -"despliegues con grupos complejos o profundamente anidados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" -"En los casos más comunes, es mejor dejar esta opción deshabilitada. " -"Generalmente sólo suministra un incremento de rendimiento en anidamientos " -"muy complejos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " "\"auto-detect\"." msgstr "" -"Si esta opción está habilitada, SSSD la usará si detecta que el servidor la " -"soporta durante la conexión inicial. De modo que “True” aquí significa " -"esencialmente “auto-detect”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" "windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> " "for more details." msgstr "" -"Nota: Esta función se sabe que actualmente trabajo sólo con Active Directory " -"2008 R1 y posteriores. Vea <ulink url=\"http://msdn.microsoft.com/en-us/" -"library/windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) " -"documentation</ulink> para más detalles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" -msgstr "ldap_initgroups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " "dealing with complex or deep nested groups)." msgstr "" -"Esta opción le dice a SSSD que tome ventaja de una función específica de " -"Active Directory que puede acelerar las operaciones de inicio de grupo (más " -"notable cuando se trata con grupos complejos o profundamente anidados)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "La clase de objeto de una entrada netgroup en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "En proveedor IPA, ipa_netgroup_object_class, se usaría en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "Predeterminado: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "El atributo LDAP que corresponde al nombre del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_name sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "El atributo LDAP que contiene los nombres de los miembros de grupo de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_member sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "Predeterminado: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5727,94 +6046,94 @@ msgstr "" "de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "Esta opción no está disponible en el proveedor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "Predeterminado: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "Por defecto: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5824,47 +6143,47 @@ msgstr "" "de múltiples bases de búsqueda." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "La clase objeto de una entrada de servicio en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "ldap_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -5872,49 +6191,49 @@ msgstr "" "El atributo LDAP que contiene el nombre de servicio de atributos y sus alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "ldap_service_port (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "El atributo LDAP que contiene el puerto manejado por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "Por defecto: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "El atributo LDAP que contiene los protocolos entendidos por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "Por defecto: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5925,7 +6244,7 @@ msgstr "" "escondidos devueltos (y se entra en modo fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5936,12 +6255,12 @@ msgstr "" "espera para tipos específicos de búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5953,12 +6272,12 @@ msgstr "" "fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5975,12 +6294,12 @@ msgstr "" "citerefentry> vuelve en caso de no actividad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5989,12 +6308,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6007,17 +6326,17 @@ msgstr "" "temprano (este valor contra el tiempo de vida TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6026,17 +6345,17 @@ msgstr "" "Algunos servidores LDAP hacen cumplir un límite máximo por petición." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "Predeterminado: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6047,7 +6366,7 @@ msgstr "" "RootDSE pero no está habilitado o no se comporta apropiadamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6057,7 +6376,7 @@ msgstr "" "pero es incapaz de usarlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6068,17 +6387,17 @@ msgstr "" "puede ocasionar que algunas peticiones sean denegadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6088,12 +6407,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6104,19 +6423,19 @@ msgstr "" "de esta opción son definidos por OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Por defecto: Usa el sistema por defecto (normalmente especificado por ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6127,7 +6446,7 @@ msgstr "" "deference. Si hay menos miembros desaparecidos, se buscarán individualmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -6135,7 +6454,7 @@ msgstr "" "a 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6148,7 +6467,7 @@ msgstr "" "soportados son 389/RHDS, OpenLDAP y Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6159,12 +6478,12 @@ msgstr "" "será deshabilitado sin tener en cuenta este ajuste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6174,7 +6493,7 @@ msgstr "" "los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6183,7 +6502,7 @@ msgstr "" "certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6194,7 +6513,7 @@ msgstr "" "certificado malo, será ignorado y la sesión continua normalmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6205,7 +6524,7 @@ msgstr "" "certificado malo, la sesión se termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6216,22 +6535,22 @@ msgstr "" "termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "Predeterminado: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6240,7 +6559,7 @@ msgstr "" "de Certificación que <command>sssd</command> reconocerá." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6249,12 +6568,12 @@ msgstr "" "etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6268,33 +6587,33 @@ msgstr "" "para crear los nombres correctos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "Especifica el fichero que contiene el certificado para la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "Especifica el archivo que contiene la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6302,12 +6621,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6316,12 +6635,12 @@ msgstr "" "<systemitem class=\"protocol\">tls</systemitem> para proteger el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6332,18 +6651,18 @@ msgstr "" "ldap_user_uid_number y ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6354,17 +6673,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6373,12 +6692,12 @@ msgstr "" "probado y soportado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -6391,14 +6710,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 -#, fuzzy -#| msgid "" -#| "Specify the SASL authorization id to use. When GSSAPI is used, this " -#| "represents the Kerberos principal used for authentication to the " -#| "directory. This option can either contain the full principal (for " -#| "example host/myhost@EXAMPLE.COM) or just the principal name (for example " -#| "host/myhost)." +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6408,23 +6720,19 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " "the first principal in keytab is returned." msgstr "" -"Especifica la id de autorización SASL a usar. Cuando se usa GSSAPI, esto " -"representa el Kerberos principal usado para autenticación al directorio. " -"Esta opción puede contener el principal completo (por ejemplo host/" -"myhost@EXAMPLE.COM) o sólo en nombre principal (por ejemplo host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "Por defecto: host/nombre_de_host@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6435,17 +6743,17 @@ msgstr "" "reino también, esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "Por defecto: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6454,34 +6762,34 @@ msgstr "" "para para canocalizar el nombre de host durante una unión SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica la keytab a usar cuando se utilice SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6492,27 +6800,27 @@ msgstr "" "es GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el tiempo de vida en segundos del TGT si se usa GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6531,7 +6839,7 @@ msgstr "" "información, vea la sección <quote>SERVICE DISCOVERY</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6542,7 +6850,7 @@ msgstr "" "regresa a _tcp si no se encuentra nada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6554,29 +6862,29 @@ msgstr "" "configuración para usar <quote>krb5_server</quote> en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica el REALM Kerberos (para autorización SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6585,12 +6893,12 @@ msgstr "" "servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6600,7 +6908,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6608,12 +6916,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6622,7 +6930,7 @@ msgstr "" "del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6631,7 +6939,7 @@ msgstr "" "no puede deshabilitar las políticas de password en el lado servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6642,7 +6950,7 @@ msgstr "" "manvolnum></citerefentry> para evaluar si la contraseña ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6654,26 +6962,26 @@ msgstr "" "password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguimiento de referencias automático debería ser " "habilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6682,7 +6990,7 @@ msgstr "" "está compilado con OpenLDAP versión 2.4.13 o más alta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6695,29 +7003,29 @@ msgstr "" "esta opción a false le llevará a una notable mejora de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nombre del servicio para utilizar cuando está habilitado el " "servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6727,17 +7035,17 @@ msgstr "" "descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6746,12 +7054,12 @@ msgstr "" "desde el Epoch después de una operación de cambio de contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6767,12 +7075,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6781,14 +7089,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6797,17 +7105,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6816,7 +7124,7 @@ msgstr "" "control de acceso del lado cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6827,12 +7135,12 @@ msgstr "" "una código de error definible aunque el password sea correcto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6841,7 +7149,7 @@ msgstr "" "determinar si la cuenta ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6854,7 +7162,7 @@ msgstr "" "se comprueba el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6865,7 +7173,7 @@ msgstr "" "el acceso o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6878,7 +7186,7 @@ msgstr "" "permitido. Si ambos atributos están desaparecidos se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6886,24 +7194,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Lista separada por coma de opciones de control de acceso. Los valores " "permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6913,14 +7221,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6933,12 +7241,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6948,7 +7256,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6958,20 +7266,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6980,32 +7288,32 @@ msgstr "" "autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: usa el atributo host para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7014,12 +7322,12 @@ msgstr "" "una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7028,22 +7336,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7052,13 +7360,13 @@ msgstr "" "lleva a cabo una búsqueda. Están permitidas las siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7068,7 +7376,7 @@ msgstr "" "búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7077,7 +7385,7 @@ msgstr "" "cuando se localice el objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7086,7 +7394,7 @@ msgstr "" "para la búsqueda como en la localización del objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7095,12 +7403,12 @@ msgstr "" "librerías cliente LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7109,7 +7417,7 @@ msgstr "" "servidores que usan el esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7127,7 +7435,7 @@ msgstr "" "llamadas getpw*() o initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7138,24 +7446,24 @@ msgstr "" "initgroups() aumentará los usuarios locales con los grupos LDAP adicionales." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7175,12 +7483,12 @@ msgstr "" "completos. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "OPCIONES SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7188,52 +7496,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "El objeto clase de una regla de entrada sudo en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "Por defecto: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "El atributo LDAP que corresponde a la regla nombre de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "El atributo LDAP que corresponde al nombre de comando." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "Por defecto: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7242,17 +7550,17 @@ msgstr "" "red IP del host o grupo de red del host)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "Por defecto: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7261,32 +7569,32 @@ msgstr "" "grupo o grupo de red del usuario)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "Por defecto: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "El atributo LDAP que corresponde a las opciones sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "Por defecto: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7295,17 +7603,17 @@ msgstr "" "pueden ejecutar como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "Por defectot: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7314,17 +7622,17 @@ msgstr "" "ejecutar comandos como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "Por defecto: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7333,17 +7641,17 @@ msgstr "" "regla sudo es válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "Por defecto: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7352,32 +7660,32 @@ msgstr "" "la regla sudo dejará de ser válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "Por defecto: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "Por defecto: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7387,7 +7695,7 @@ msgstr "" "servidor)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7396,17 +7704,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "Por defecto: 21600 (6 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7417,7 +7725,7 @@ msgstr "" "USBN más alto que el USN más alto de las reglas escondidas)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7426,12 +7734,12 @@ msgstr "" "atributo modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7440,12 +7748,12 @@ msgstr "" "máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7454,7 +7762,7 @@ msgstr "" "totalmente cualificados que sería usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7463,8 +7771,8 @@ msgstr "" "nombre de dominio totalmente cualificado automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7473,17 +7781,17 @@ msgstr "" "emphasis> esta opción no tiene efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "Por defecto: no especificado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7492,7 +7800,7 @@ msgstr "" "usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7501,12 +7809,12 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "sudo_include_netgroups (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7515,12 +7823,12 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7529,7 +7837,7 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7542,87 +7850,87 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "OPCIONES AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "El nombre de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7631,24 +7939,24 @@ msgstr "" "normalmente a un punto de montaje." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7657,32 +7965,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7691,22 +7999,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7715,14 +8023,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EJEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7733,7 +8041,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7746,27 +8054,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7782,13 +8090,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8084,36 +8392,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> pone el Reino y el nombre o dirección IP del KDC en las " -"variables de entorno SSSD_KRB5_REALM y SSSD_KRB5_KDC respectivamente. Cuando " -"<command>sssd_krb5_locator_plugin</command> es llamado por las librerías " -"kerberos lee y evalúa estas variables y se las devuelve a las librerías." #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8124,7 +8490,7 @@ msgstr "" "usted tiene que editar /etc/krb5.conf para reflejar sus ajustes Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -8133,13 +8499,22 @@ msgstr "" "valor los mensajes de depuración se enviarán a stderr." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9298,7 +9673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -9313,7 +9688,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9331,12 +9706,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9357,12 +9732,12 @@ msgid "Default: 1200 (seconds)" msgstr "Por defecto: 1200 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9386,17 +9761,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9404,7 +9779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -9431,7 +9806,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9444,12 +9819,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9468,50 +9843,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -9633,26 +10008,26 @@ msgstr "" "convertido hacia la base DN para usarlo para llevar a cabo operaciones LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9671,7 +10046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "Predeterminado: 5 (segundos)" @@ -9994,37 +10369,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:734 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Estas opciones de configuración pueden estar presentes en la sección " -"configuración de dominio, esto es, en una sección llamada <quote>[domain/" -"<replaceable>NAME</replaceable>]</quote> <placeholder type=\"variablelist\" " -"id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:743 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página " -"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> para más detalles." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:753 @@ -10051,10 +10409,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:767 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:770 sssd-ipa.5.xml:797 @@ -10063,24 +10419,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:773 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:776 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:788 @@ -10592,24 +10942,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: 5 (seconds)" +msgid "Default: False (seconds)" +msgstr "Predeterminado: 5 (segundos)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10617,14 +10990,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10632,7 +11005,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10643,79 +11016,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10723,7 +11060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10731,7 +11068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10739,7 +11076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10751,22 +11088,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10774,7 +11111,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10782,7 +11119,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10790,7 +11127,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10802,22 +11139,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10825,14 +11162,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10840,7 +11177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10851,18 +11188,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10870,14 +11213,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10885,7 +11228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10896,19 +11239,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10916,7 +11259,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10928,39 +11271,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10968,12 +11301,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10986,57 +11319,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11044,17 +11377,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11064,12 +11397,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11080,19 +11413,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11102,12 +11435,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Predeterminado: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11118,7 +11451,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11142,7 +11475,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11154,7 +11487,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11165,7 +11498,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11175,7 +11508,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -14072,10 +14405,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:93 -#, fuzzy -#| msgid "client_idle_timeout" msgid "p11_child_timeout" -msgstr "client_idle_timeout" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:94 @@ -14084,19 +14415,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:96 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "can be used to control how the certificates are validated (see " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for details)." msgstr "" -"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página " -"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> para más detalles." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:101 @@ -14235,22 +14558,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-U</option>,<option>--users</option>" -msgid "<option>-k</option>,<option>--pubkeys</option>" -msgstr "<option>-U</option>,<option>--users</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." msgstr "" -"Busca las claves públicas del host en el dominio SSSD <replaceable>DOMAIN</" -"replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -14376,10 +14691,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "ldap_access_filter (string)" msgid "passwd_files (string)" -msgstr "ldap_access_filter (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -14391,17 +14704,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: password" msgid "Default: /etc/passwd" -msgstr "Por defecto: contraseña" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "ldap_netgroup_triple (string)" msgid "group_files (string)" -msgstr "ldap_netgroup_triple (cadena)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -14413,10 +14722,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: nisNetgroup" msgid "Default: /etc/group" -msgstr "Predeterminado: nisNetgroup" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -17070,6 +17377,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" @@ -17174,19 +17501,34 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "" #~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." +#~ "(OpenSSL version) This option is currently ignored. All needed " +#~ "certificates must be available in the PEM file given by pam_cert_db_path." +#~ msgstr "" +#~ "(Versión OpenSSL) Esta opción se ignora actualmente. Todos los " +#~ "certificados necesarios deben estar disponibles en el fichero PEM " +#~ "indicado por pam_cert_db_path." + +#~ msgid "crl_file=/PATH/TO/CRL/FILE" +#~ msgstr "crl_file=/PATH/TO/CRL/FILE" + +#~ msgid "" +#~ "(NSS Version) This option is ignored, please see <citerefentry> " +#~ "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" +#~ "citerefentry> how to import a Certificate Revocation List (CRL) into a " +#~ "NSS database." #~ msgstr "" -#~ "POR FAVOR ADVIERTA: el soporte para subplantillas sin nombre único no " -#~ "está disponible en todas las plataformas (por ejemplo, RHEL5 y SLES10). " -#~ "Sólo las plataformas con la versión de libpcre 7 o superior pueden " -#~ "soportar las subplantillas sin nombre único." +#~ "(Versión NSS) Esta opción se ignora, por favor vea en <citerefentry> " +#~ "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" +#~ "citerefentry> como importar una Lista de Revocación de Certificado (CRL) " +#~ "en una base de datos NSS." #~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." +#~ "(OpenSSL Version) Use the Certificate Revocation List (CRL) from the " +#~ "given file during the verification of the certificate. The CRL must be " +#~ "given in PEM format, see <citerefentry> <refentrytitle>crl</" +#~ "refentrytitle> <manvolnum>1ssl</manvolnum> </citerefentry> for details." #~ msgstr "" -#~ "POR FAVOR TENGA EN CUENTA ADEMAS: Versiones anteriores de libpcre sólo " -#~ "soportan la sintaxis Python (?P<name>) para identificar " -#~ "subpatrones." +#~ "(Versión OpenSSL) Usa la Lista de Revocación de Certificado (CRL) del " +#~ "fichero dado durante la verificación del certificado. La CRL se debe dar " +#~ "en formato PEM, vea detalles en <citerefentry> <refentrytitle>crl</" +#~ "refentrytitle> <manvolnum>1ssl</manvolnum> </citerefentry>." diff --git a/src/man/po/eu.po b/src/man/po/eu.po index 30ca7e3d1bf..4f193bc1fdc 100644 --- a/src/man/po/eu.po +++ b/src/man/po/eu.po @@ -5,9 +5,9 @@ # Translators: msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-14 11:55+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -17,7 +17,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -292,11 +292,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -315,16 +315,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -349,8 +349,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -365,7 +365,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -445,7 +445,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -465,12 +465,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -478,39 +478,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -634,9 +634,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -828,7 +828,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -904,8 +904,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -965,8 +965,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1043,7 +1043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1061,7 +1061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "" @@ -1094,11 +1094,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1107,41 +1107,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1149,23 +1149,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1173,47 +1173,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1221,112 +1221,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1337,96 +1337,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1434,59 +1434,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1495,61 +1495,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1557,7 +1557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1566,17 +1566,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1584,31 +1584,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1618,74 +1618,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1693,19 +1693,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1713,12 +1713,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1726,80 +1726,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1810,24 +1893,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1837,22 +1920,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1860,51 +1943,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1913,24 +1996,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1941,7 +2024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1952,24 +2035,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1977,12 +2060,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1991,24 +2074,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2018,66 +2101,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2085,17 +2168,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2103,7 +2186,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2111,22 +2194,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2135,14 +2218,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2151,38 +2234,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2191,24 +2274,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2217,29 +2300,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2253,14 +2336,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2269,39 +2352,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2310,19 +2393,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2333,151 +2416,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2485,24 +2568,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2511,17 +2594,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2530,34 +2613,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2565,7 +2648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2573,8 +2656,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2583,8 +2666,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2592,19 +2675,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2613,7 +2696,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2621,22 +2704,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2648,7 +2731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2656,19 +2739,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2676,7 +2759,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2684,35 +2767,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2720,19 +2803,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2741,7 +2824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2749,29 +2832,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2779,7 +2862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2787,35 +2870,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2823,32 +2906,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2859,7 +2942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2868,12 +2951,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2881,7 +2964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2889,31 +2972,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2921,7 +3004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2930,17 +3013,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2948,43 +3031,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2992,7 +3075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3000,7 +3083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3008,24 +3091,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3033,12 +3116,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3048,7 +3131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3057,29 +3140,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3087,7 +3170,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3097,59 +3180,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3158,77 +3241,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3236,7 +3319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3244,17 +3327,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3262,34 +3345,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3297,32 +3380,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3332,34 +3415,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3367,12 +3450,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3380,26 +3463,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3407,7 +3544,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3416,7 +3553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3424,29 +3561,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3454,12 +3591,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3468,12 +3605,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3481,19 +3618,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3510,7 +3647,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3518,17 +3655,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3537,7 +3674,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3547,7 +3684,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3567,12 +3704,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3580,73 +3717,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3654,17 +3791,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3673,17 +3810,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3691,17 +3828,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3709,17 +3846,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3730,64 +3867,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3817,7 +3954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3826,7 +3963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3834,7 +3971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3983,7 +4120,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4078,123 +4215,162 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +msgid "Default: exop" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4202,113 +4378,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4317,17 +4493,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4336,17 +4512,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4355,17 +4531,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4374,17 +4550,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4393,17 +4569,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4412,17 +4588,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4430,155 +4606,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4588,7 +4764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4596,51 +4772,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4649,24 +4825,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4674,7 +4850,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4683,43 +4859,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4727,14 +4903,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4742,17 +4918,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4760,14 +4936,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4775,17 +4951,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4793,14 +4969,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4808,37 +4984,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4848,106 +5024,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4955,34 +5131,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4990,7 +5166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5000,7 +5176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5010,17 +5186,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5028,14 +5204,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5043,7 +5219,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5052,12 +5228,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5065,172 +5241,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5238,95 +5414,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5334,7 +5510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5342,12 +5518,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5355,12 +5531,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5371,12 +5547,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5385,12 +5561,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5399,34 +5575,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5434,14 +5610,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5449,17 +5625,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5469,12 +5645,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5482,17 +5658,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5500,13 +5676,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5515,7 +5691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5523,26 +5699,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5550,7 +5726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5558,7 +5734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5566,41 +5742,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5609,32 +5785,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5642,24 +5818,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5667,17 +5843,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5688,29 +5864,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5723,7 +5899,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5735,17 +5911,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5753,49 +5929,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5803,27 +5979,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5835,7 +6011,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5843,7 +6019,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5851,39 +6027,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5893,7 +6069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5901,26 +6077,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5928,7 +6104,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5936,31 +6112,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5969,56 +6145,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6034,12 +6210,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6048,14 +6224,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6064,24 +6240,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6089,19 +6265,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6110,7 +6286,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6118,7 +6294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6127,7 +6303,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6135,22 +6311,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6160,14 +6336,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6180,12 +6356,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6195,7 +6371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6205,63 +6381,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6270,74 +6446,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6348,7 +6524,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6356,24 +6532,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6388,12 +6564,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6401,208 +6577,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6610,101 +6786,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6713,111 +6889,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6826,32 +7002,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6860,22 +7036,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6884,14 +7060,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6899,7 +7075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6912,27 +7088,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6948,13 +7124,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7214,31 +7390,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7246,20 +7485,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8356,7 +8604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8371,7 +8619,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8386,12 +8634,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8412,12 +8660,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8441,17 +8689,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8459,7 +8707,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8486,7 +8734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8499,12 +8747,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8523,50 +8771,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8677,26 +8925,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8715,7 +8963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9576,24 +9824,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +msgid "Default: False (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9601,14 +9870,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9616,7 +9885,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9627,79 +9896,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9707,7 +9940,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9715,7 +9948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9723,7 +9956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9735,22 +9968,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9758,7 +9991,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9766,7 +9999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9774,7 +10007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9786,22 +10019,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9809,14 +10042,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9824,7 +10057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9835,18 +10068,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9854,14 +10093,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9869,7 +10108,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9880,19 +10119,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9900,7 +10139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9912,39 +10151,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9952,12 +10181,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9970,57 +10199,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10028,17 +10257,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10048,12 +10277,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10064,19 +10293,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10086,12 +10315,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10099,7 +10328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10114,7 +10343,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10123,7 +10352,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10131,7 +10360,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10141,7 +10370,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12848,7 +13077,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> @@ -15508,6 +15737,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/fi.po b/src/man/po/fi.po index d73bfbe3c87..89f063cc950 100644 --- a/src/man/po/fi.po +++ b/src/man/po/fi.po @@ -1,9 +1,9 @@ # Toni Rantala <trantalafilo@gmail.com>, 2017. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2017-03-24 08:46+0000\n" "Last-Translator: Toni Rantala <trantalafilo@gmail.com>\n" "Language-Team: Finnish\n" @@ -11,7 +11,7 @@ msgstr "" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" #. type: Content of: <reference><title> @@ -287,11 +287,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Oletus:tosi" @@ -310,16 +310,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Oletus:epätosi" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -344,8 +344,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -360,7 +360,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -440,7 +440,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -460,12 +460,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -473,39 +473,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "käyttäjänimi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -629,9 +629,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -823,7 +823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -899,8 +899,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -960,8 +960,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1038,7 +1038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1056,7 +1056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "" @@ -1089,11 +1089,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1102,41 +1102,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1144,23 +1144,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1168,47 +1168,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1216,112 +1216,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1332,96 +1332,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1429,59 +1429,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1490,61 +1490,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1552,7 +1552,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1561,17 +1561,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1579,31 +1579,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1613,74 +1613,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1688,19 +1688,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1708,12 +1708,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1721,82 +1721,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: true" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Oletus:tosi" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1807,24 +1888,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1834,22 +1915,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1857,51 +1938,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1910,24 +1991,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1938,7 +2019,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1949,24 +2030,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1974,12 +2055,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1988,24 +2069,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2015,66 +2096,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2082,17 +2163,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2100,7 +2181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2108,22 +2189,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2132,14 +2213,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2148,38 +2229,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2188,24 +2269,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2214,29 +2295,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2250,14 +2331,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2266,39 +2347,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2307,19 +2388,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2330,151 +2411,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2482,24 +2563,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2508,17 +2589,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2527,34 +2608,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2562,7 +2643,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2570,8 +2651,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2580,8 +2661,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2589,19 +2670,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2610,7 +2691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2618,22 +2699,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2645,7 +2726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2653,19 +2734,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2673,7 +2754,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2681,35 +2762,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2717,19 +2798,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2738,7 +2819,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2746,29 +2827,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2776,7 +2857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2784,35 +2865,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2820,32 +2901,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2856,7 +2937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2865,12 +2946,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2878,7 +2959,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2886,31 +2967,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2918,7 +2999,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2927,17 +3008,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2945,43 +3026,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2989,7 +3070,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2997,7 +3078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3005,24 +3086,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3030,12 +3111,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3045,7 +3126,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3054,29 +3135,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3084,7 +3165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3094,59 +3175,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3155,77 +3236,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3233,7 +3314,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3241,17 +3322,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3259,34 +3340,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3296,32 +3377,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Esimerkki: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3331,34 +3412,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3366,12 +3447,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3379,26 +3460,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:2984 +#, fuzzy +#| msgid "<placeholder type=\"variablelist\" id=\"0\"/>" +msgid "" +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3406,7 +3543,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3415,7 +3552,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3423,29 +3560,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3453,12 +3590,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3467,12 +3604,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3480,19 +3617,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3509,7 +3646,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3517,17 +3654,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3536,7 +3673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3546,7 +3683,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3566,12 +3703,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3579,73 +3716,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3653,17 +3790,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3672,17 +3809,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3690,17 +3827,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3708,17 +3845,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3729,64 +3866,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3816,7 +3953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3825,7 +3962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3833,7 +3970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3982,7 +4119,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4077,123 +4214,164 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: true" +msgid "Default: exop" +msgstr "Oletus:tosi" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4201,113 +4379,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4316,17 +4494,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4335,17 +4513,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4354,17 +4532,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4373,17 +4551,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4392,17 +4570,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4411,17 +4589,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4429,155 +4607,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4587,7 +4765,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4595,51 +4773,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4648,24 +4826,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4673,7 +4851,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4682,43 +4860,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4726,14 +4904,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4741,17 +4919,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4759,14 +4937,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4774,17 +4952,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4792,14 +4970,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4807,37 +4985,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4847,106 +5025,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4954,34 +5132,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4989,7 +5167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4999,7 +5177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5009,17 +5187,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5027,14 +5205,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5042,7 +5220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5051,12 +5229,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5064,172 +5242,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5237,95 +5415,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5333,7 +5511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5341,12 +5519,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5354,12 +5532,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5370,12 +5548,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5384,12 +5562,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5398,34 +5576,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5433,14 +5611,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5448,17 +5626,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5468,12 +5646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5481,17 +5659,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5499,13 +5677,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5514,7 +5692,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5522,26 +5700,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5549,7 +5727,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5557,7 +5735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5565,41 +5743,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5608,32 +5786,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5641,24 +5819,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5666,17 +5844,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5687,29 +5865,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5722,7 +5900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5734,17 +5912,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5752,49 +5930,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5802,27 +5980,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5834,7 +6012,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5842,7 +6020,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5850,39 +6028,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5892,7 +6070,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5900,26 +6078,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5927,7 +6105,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5935,31 +6113,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5968,56 +6146,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6033,12 +6211,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6047,14 +6225,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6063,24 +6241,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6088,19 +6266,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6109,7 +6287,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6117,7 +6295,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6126,7 +6304,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6134,22 +6312,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6159,14 +6337,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6179,12 +6357,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6194,7 +6372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6204,63 +6382,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6269,74 +6447,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6347,7 +6525,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6355,24 +6533,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6387,12 +6565,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6400,208 +6578,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6609,101 +6787,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6712,111 +6890,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6825,32 +7003,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6859,22 +7037,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6883,14 +7061,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6898,7 +7076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6911,27 +7089,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6947,13 +7125,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7213,31 +7391,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7245,20 +7486,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8355,7 +8605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8370,7 +8620,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8385,12 +8635,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8411,12 +8661,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8440,17 +8690,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8458,7 +8708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8485,7 +8735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8498,12 +8748,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8522,50 +8772,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8676,26 +8926,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8714,7 +8964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9080,10 +9330,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:776 -#, fuzzy -#| msgid "ldap_user_principal" msgid "ldap_user_search_base" -msgstr "ldap_user_principal" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 @@ -9577,24 +9825,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: false" +msgid "Default: False (seconds)" +msgstr "Oletus:epätosi" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9602,14 +9873,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9617,7 +9888,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9628,79 +9899,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9708,7 +9943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9716,7 +9951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9724,7 +9959,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9736,22 +9971,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9759,7 +9994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9767,7 +10002,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9775,7 +10010,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9787,22 +10022,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9810,14 +10045,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9825,7 +10060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9836,18 +10071,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9855,14 +10096,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9870,7 +10111,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9881,19 +10122,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9901,7 +10142,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9913,39 +10154,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9953,12 +10184,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9971,57 +10202,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10029,17 +10260,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10049,12 +10280,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10065,19 +10296,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10087,12 +10318,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10100,7 +10331,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10115,7 +10346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10124,7 +10355,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10132,7 +10363,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10142,7 +10373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12717,10 +12948,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:93 -#, fuzzy -#| msgid "client_idle_timeout" msgid "p11_child_timeout" -msgstr "client_idle_timeout" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:94 @@ -12851,7 +13080,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> @@ -12997,10 +13226,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: false" msgid "Default: /etc/passwd" -msgstr "Oletus:epätosi" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 @@ -13017,10 +13244,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: true" msgid "Default: /etc/group" -msgstr "Oletus:tosi" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -15515,6 +15740,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/fr.po b/src/man/po/fr.po index 0b23694beaf..cc758d07c52 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -14,9 +14,9 @@ # Jérôme Fenal <jfenal@gmail.com>, 2016. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2016-03-19 03:04+0000\n" "Last-Translator: Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr>\n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -26,7 +26,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -218,17 +218,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 -#, fuzzy -#| msgid "" -#| "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -#| "(<quote>;</quote>). Inline comments are not supported." msgid "" "A comment line starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>). Inline comments are not supported." msgstr "" -"Un commentaire de ligne commence par un octothorpe (<quote>#</quote>) ou un " -"point-virgule (<quote>;</quote>). Les commentaires au sein d'une ligne ne " -"sont pas pris en charge." #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:47 @@ -343,11 +336,11 @@ msgstr "" "la journalisation de débogage de SSSD, cette option sera ignorée." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Par défaut : true" @@ -369,16 +362,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -403,8 +396,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Par défaut : 10" @@ -419,7 +412,7 @@ msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "Paramètres de sections" @@ -508,7 +501,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (chaîne)" @@ -530,12 +523,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -547,33 +540,33 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "nom d'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" "nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -583,7 +576,7 @@ msgstr "" "d'approbation IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -741,9 +734,9 @@ msgstr "" "use_fully_qualified_names à False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -941,7 +934,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Par défaut : non défini" @@ -1032,8 +1025,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "Par défaut : 60" @@ -1093,8 +1086,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Par défaut : 300" @@ -1188,7 +1181,7 @@ msgstr "" "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "Par défaut : 50" @@ -1210,7 +1203,7 @@ msgstr "" "appel au moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "Par défaut : 15" @@ -1229,10 +1222,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 86400 (24 hours)" msgid "Default: 14400 (4 hours)" -msgstr "Par défaut : 86400 (24 heures)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1245,11 +1236,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1258,17 +1249,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "Par défaut : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1276,12 +1267,12 @@ msgstr "" "membres de groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "fallback_homedir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1290,7 +1281,7 @@ msgstr "" "explicitement spécifié par le fournisseur de données du domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1298,7 +1289,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1308,25 +1299,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Par défaut : non défini (aucune substitution pour les répertoires d'accueil " "non définis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "override_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1338,17 +1329,17 @@ msgstr "" "section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "allowed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1356,14 +1347,14 @@ msgstr "" "indiquées. L'ordre d'évaluation est :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</" "quote>, il est utilisé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1373,7 +1364,7 @@ msgstr "" "shell_fallback » sera utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1382,12 +1373,12 @@ msgstr "" "ni dans <quote>/etc/shells</quote>, une connexion sans shell est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1395,14 +1386,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Une chaîne vide pour l'interpréteur de commandes est passée telle quelle est " "à la libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1412,31 +1403,31 @@ msgstr "" "est installé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est " "utilisé automatiquement." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "vetoed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" "Remplace toutes les occurences de ces interpréteurs de commandes par " "l'interpréteur de commandes par défaut" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "shell_fallback (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1444,17 +1435,17 @@ msgstr "" "commandes autorisé n'est pas installé sur la machine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "Par défaut : /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1464,7 +1455,7 @@ msgstr "" "choix soit dans la section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1474,12 +1465,12 @@ msgstr "" "nécessaire, habituellement /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1488,38 +1479,38 @@ msgstr "" "jugée valide." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "memcache_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1530,48 +1521,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "Par défaut : non défini, repli sur l'option InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "Cette option peut aussi être définie pour chaque domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1580,12 +1571,12 @@ msgstr "" "Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1595,17 +1586,17 @@ msgstr "" "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1614,12 +1605,12 @@ msgstr "" "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1629,7 +1620,7 @@ msgstr "" "soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1640,17 +1631,17 @@ msgstr "" "connexion réussie en ligne peut réactiver l'authentification." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1660,44 +1651,44 @@ msgstr "" "affichés sera important." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1706,61 +1697,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1772,7 +1763,7 @@ msgstr "" "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1786,17 +1777,17 @@ msgstr "" "fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant l'expiration du mot de passe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1807,7 +1798,7 @@ msgstr "" "ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1817,7 +1808,7 @@ msgstr "" "sera automatiquement affiché." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1826,17 +1817,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1846,37 +1837,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "pam_public_domains (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Deux valeurs spéciales pour l'option pam_public_domains sont définies :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -1884,7 +1875,7 @@ msgstr "" "à tous les domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -1893,32 +1884,32 @@ msgstr "" "autorisés à accéder à un des domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1926,19 +1917,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1946,12 +1937,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1959,82 +1950,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Par défaut : False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Par défaut : 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2051,12 +2123,12 @@ msgstr "" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2065,12 +2137,12 @@ msgstr "" "les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2080,22 +2152,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2107,23 +2179,23 @@ msgstr "" "moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "Options de configuration SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le service SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2131,12 +2203,12 @@ msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2145,55 +2217,43 @@ msgstr "" "known_hosts géré après que ses clés de système ont été demandés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "Par défaut : 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 -#, fuzzy -#| msgid "ldap_user_certificate (string)" +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" -msgstr "ldap_user_certificate (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " "entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details." msgstr "" -"Le répertoire squelette contenant les fichiers et répertoires à copier dans " -"le répertoire personnel de l'utilisateur une fois ce répertoire créé par " -"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -"manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2204,7 +2264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2215,7 +2275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2224,19 +2284,19 @@ msgstr "" "ajouté à ces groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2247,14 +2307,14 @@ msgstr "" "seront résolus en UID au démarrage." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur " "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2267,24 +2327,24 @@ msgstr "" "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2294,66 +2354,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2361,17 +2421,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2379,7 +2439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2387,22 +2447,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2411,14 +2471,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2427,31 +2487,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2460,7 +2520,7 @@ msgstr "" "dehors de ces limites, elle est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2473,7 +2533,7 @@ msgstr "" "qui sont dans la plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2482,17 +2542,17 @@ msgstr "" "pas seulement leur recherche par nom ou identifiant." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2501,29 +2561,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2537,7 +2597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2547,7 +2607,7 @@ msgstr "" "l'énumération ne se termine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2561,7 +2621,7 @@ msgstr "" "fournisseur d'identité spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2570,32 +2630,32 @@ msgstr "" "déconseillée, surtout dans les environnements de grande taille." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "Tous les domaines approuvés découverts seront énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "Aucun domaine approuvé découvert ne sera énuméré" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2609,12 +2669,12 @@ msgstr "" "activer l'énumération pour ces seuls domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2623,7 +2683,7 @@ msgstr "" "comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2641,17 +2701,17 @@ msgstr "" "rafraîchissement des entrées qui sont déjà en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2660,19 +2720,19 @@ msgstr "" "d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2681,12 +2741,12 @@ msgstr "" "groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2695,12 +2755,12 @@ msgstr "" "netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2709,12 +2769,12 @@ msgstr "" "service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -2723,12 +2783,12 @@ msgstr "" "valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -2737,12 +2797,12 @@ msgstr "" "cartes d'automontage comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -2751,12 +2811,12 @@ msgstr "" "rafraichissement. I.e. combien de temps mettre la clé en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -2766,48 +2826,48 @@ msgstr "" "enregistrements expirés ou sur le point de l'être." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les données d'identification de l'utilisateur sont aussi mis en " "cache dans le cache LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Les informations d'identification utilisateur sont stockées dans une table " "de hachage SHA512, et non en texte brut" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2815,24 +2875,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "Par défaut : 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2845,17 +2905,17 @@ msgstr "" "paramètre doit être supérieur ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "Par défaut : 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2868,17 +2928,17 @@ msgstr "" "fournisseur oauth doit être configuré pour le moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2886,40 +2946,26 @@ msgstr "" "d'identification pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 -#, fuzzy -#| msgid "<quote>proxy</quote>: Support a legacy NSS provider" +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." -msgstr "<quote>proxy</quote> : prise en charge de l'ancien fournisseur NSS" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 -#, fuzzy -#| msgid "<quote>local</quote>: SSSD internal provider for local users" +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" -"<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> " -#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on how to mirror local users and groups into SSSD." msgstr "" -"<quote>ldap</quote> : fournisseur LDAP. Cf. " -"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> pour plus d'informations sur la configuration de " -"LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2931,8 +2977,8 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2945,8 +2991,8 @@ msgstr "" "configuration de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2958,12 +3004,12 @@ msgstr "" "d'Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2973,7 +3019,7 @@ msgstr "" "communiqué à NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2987,7 +3033,7 @@ msgstr "" "trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2999,22 +3045,22 @@ msgstr "" "qualifié sera demandé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Par défaut : false (true si default_domain_suffix est utilisée)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3026,7 +3072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3034,12 +3080,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3048,7 +3094,7 @@ msgstr "" "pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3060,7 +3106,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3071,7 +3117,7 @@ msgstr "" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3079,18 +3125,18 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" "<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3099,12 +3145,12 @@ msgstr "" "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3115,7 +3161,7 @@ msgstr "" "installés). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3124,12 +3170,12 @@ msgstr "" "d'accès autorisé pour un domaine local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> toujours refuser les accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3142,7 +3188,7 @@ msgstr "" "d'informations sur la configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3150,22 +3196,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3174,7 +3220,7 @@ msgstr "" "domaine. Les fournisseurs pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3182,7 +3228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3194,7 +3240,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3202,14 +3248,14 @@ msgstr "" "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> pour désactiver explicitement le changement de mot de " "passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3218,19 +3264,19 @@ msgstr "" "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " "charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3242,7 +3288,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3251,7 +3297,7 @@ msgstr "" "par défaut pour IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3260,20 +3306,20 @@ msgstr "" "par défaut pour AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3284,7 +3330,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3293,12 +3339,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3309,7 +3355,7 @@ msgstr "" "fournisseur d'accès. Les fournisseurs selinux pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3321,14 +3367,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> n'autorise pas la récupération explicite des paramètres " "selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3337,12 +3383,12 @@ msgstr "" "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "subdomains_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3352,7 +3398,7 @@ msgstr "" "fournisseurs de sous-domaine pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3364,7 +3410,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3373,18 +3419,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> désactive la récupération explicite des sous-domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3392,37 +3438,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "autofs_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3430,7 +3476,7 @@ msgstr "" "en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3442,7 +3488,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3454,7 +3500,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3462,17 +3508,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> désactive explicitement autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "hostid_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3481,7 +3527,7 @@ msgstr "" "systèmes. Les fournisseurs de hostid pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3493,12 +3539,12 @@ msgstr "" "configuration de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> désactive explicitement hostid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3514,7 +3560,7 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3527,22 +3573,22 @@ msgstr "" "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3552,7 +3598,7 @@ msgstr "" "utilisateurs de domaines Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3563,7 +3609,7 @@ msgstr "" "importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3573,17 +3619,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3592,48 +3638,48 @@ msgstr "" "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "Valeurs prises en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, " "essayer IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter " "IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3642,25 +3688,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3669,54 +3715,54 @@ msgstr "" "du domaine faisant partie de la requête DNS de découverte de services." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utiliser la partie du domaine qui est dans le nom de système de " "la machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "case_sensitive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "Insensible à la casse." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3728,7 +3774,7 @@ msgstr "" "sortie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3736,17 +3782,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "Par défaut : true (false pour le fournisseur AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3754,34 +3800,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3791,32 +3837,32 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "nom plat (NetBIOS) d'un sous-domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3832,7 +3878,7 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -3840,17 +3886,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "realmd_tags (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -3858,12 +3904,12 @@ msgstr "" "ce domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3871,12 +3917,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3884,26 +3930,88 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"Options valides pour les domaines proxy. <placeholder type=\"variablelist\" " +"id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3911,7 +4019,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3920,7 +4028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3932,17 +4040,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible duquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3951,12 +4059,12 @@ msgstr "" "ou en créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3967,12 +4075,12 @@ msgstr "" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3986,12 +4094,12 @@ msgstr "" "afin d'améliorer les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3999,7 +4107,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4008,12 +4116,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4030,7 +4138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4038,17 +4146,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4057,7 +4165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4067,7 +4175,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -4087,12 +4195,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4103,29 +4211,29 @@ msgstr "" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " "outils en espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4134,17 +4242,17 @@ msgstr "" "replaceable> et l'utilisent comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4153,17 +4261,17 @@ msgstr "" "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4172,12 +4280,12 @@ msgstr "" "suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4188,17 +4296,17 @@ msgstr "" "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4211,17 +4319,17 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4232,17 +4340,17 @@ msgstr "" "précisé, la valeur par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4253,17 +4361,17 @@ msgstr "" "code en retour de la commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4274,64 +4382,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -4385,7 +4493,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4394,7 +4502,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4402,7 +4510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4586,7 +4694,7 @@ msgstr "" "http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemples :" @@ -4706,53 +4814,98 @@ msgstr "Par défaut : rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "Quatre types de schéma sont actuellement pris en charge :" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Par défaut : gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Le DN de connexion par défaut à utiliser pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" "Le type de jeton d'authentification pour le DN de connexion par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Les deux mécanismes actuellement pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Par défaut : password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -4761,74 +4914,74 @@ msgstr "" "mots de passe en clair sont actuellement pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "La classe d'objet d'une entrée utilisateur dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Par défaut : posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" "L'attribut LDAP correspondant à l'identifiant de connexion de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "L'attribut LDAP correspondant à l'id de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "par défaut : uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" "L'attribut LDAP correspondant à l'id du groupe primaire de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Par défaut : gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4836,70 +4989,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "L'attribut LDAP correspondant au champ gecos de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Par défaut : gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" "L'attribut LDAP qui contient le nom du répertoire personnel de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Par défaut : homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "L'attribut LDAP qui contient le chemin vers l'interpréteur de commandes de " "l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Par défaut : loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -4908,12 +5061,12 @@ msgstr "" "ipaUniqueID pour IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -4922,17 +5075,17 @@ msgstr "" "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -4941,17 +5094,17 @@ msgstr "" "l'objet parent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "Par défaut : modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4964,17 +5117,17 @@ msgstr "" "citerefentry> (date de changement du dernier mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Par défaut : shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4987,17 +5140,17 @@ msgstr "" "citerefentry> (durée de validité minimum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Par défaut : shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5010,17 +5163,17 @@ msgstr "" "citerefentry> (âge maximum du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Par défaut : shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5033,17 +5186,17 @@ msgstr "" "citerefentry> (période d'avertissement du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Par défaut : shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5056,17 +5209,17 @@ msgstr "" "citerefentry> (période d'inactivité du mot de passe)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Par défaut : shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5080,17 +5233,17 @@ msgstr "" "citerefentry> (date d'expiration du compte)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Par défaut : shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5101,17 +5254,17 @@ msgstr "" "de mot de passe dans kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Par défaut : krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5121,17 +5274,17 @@ msgstr "" "passe actuel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Par défaut : krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5140,17 +5293,17 @@ msgstr "" "contient le nom d'un attribut LDAP stockant la date d'expiration du compte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Par défaut : accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5160,17 +5313,17 @@ msgstr "" "compte utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Par défaut : userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5179,17 +5332,17 @@ msgstr "" "paramètre détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Par défaut : nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5198,17 +5351,17 @@ msgstr "" "détermine si l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Par défaut : loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5217,12 +5370,12 @@ msgstr "" "détermine jusqu'à quand l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5232,17 +5385,17 @@ msgstr "" "est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Par défaut : loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5251,17 +5404,17 @@ msgstr "" "de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Par défaut : krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -5270,7 +5423,7 @@ msgstr "" "plus des attributs utilisateur habituels." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5286,7 +5439,7 @@ msgstr "" "SSSD utilisant des schémas LDAP différents." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5297,12 +5450,12 @@ msgstr "" "d'attributs réservés est utilisé par un nom d'attribut supplémentaire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -5311,12 +5464,12 @@ msgstr "" "<quote>telephoneNumber</quote> dans le cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." @@ -5325,27 +5478,27 @@ msgstr "" "<quote>phone</quote> dans le cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "Par défaut : sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5358,12 +5511,12 @@ msgstr "" "utiliser un nom de domaine en majuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5372,12 +5525,12 @@ msgstr "" "d'actualiser son cache d\"énumération d'enregistrements." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5388,7 +5541,7 @@ msgstr "" "jamais connectés) et de suppression pour économiser de l'espace." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5397,44 +5550,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Par défaut : cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" "L'attribut LDAP énumérant les groupes auquel appartient un utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "Par défaut : memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5445,7 +5598,7 @@ msgstr "" "l'utilisateur pour déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5454,7 +5607,7 @@ msgstr "" "autorisation explicite (svc) et enfin allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5465,17 +5618,17 @@ msgstr "" "l'option ldap_user_authorized_service de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Par défaut : authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5486,7 +5639,7 @@ msgstr "" "déterminer les autorisations d'accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5495,7 +5648,7 @@ msgstr "" "autorisations explicites (host) et enfin toutes les autorisations (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5506,17 +5659,17 @@ msgstr "" "ldap_user_authorized_host de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Par défaut : host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5524,14 +5677,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5539,37 +5692,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5579,82 +5732,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "La classe d'objet d'une entrée de groupe dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Par défaut : posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "L'attribut LDAP correspondant au nom du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "L'attribut LDAP correspondant à l'identifiant de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "L'attribut LDAP contenant les noms des membres du groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Par défaut : memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5663,17 +5816,17 @@ msgstr "" "n'est habituellement nécessaire que pour les serveurs Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -5682,7 +5835,7 @@ msgstr "" "voire d'autres indicateurs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5693,34 +5846,34 @@ msgstr "" "hors des domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5732,7 +5885,7 @@ msgstr "" "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5742,7 +5895,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5752,80 +5905,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" -msgstr "ldap_groups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " "complex or deep nested groups." msgstr "" -"Cette option indique à SSSD de tirer parti d'une fonctionnalité Active " -"Directory spécifique qui peut accélérer les opérations de recherche de " -"groupe sur les déploiements utilisant des groupes profondément imbriqués et " -"complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" -"Dans la plupart des cas, il est préférable de laisser cette option " -"désactivée. Elle ne fournit une augmentation des performances que sur les " -"imbrications très complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " "\"auto-detect\"." msgstr "" -"Si cette option est activée, SSSD l'utilisera s'il détecte que le serveur la " -"prend en charge au cours de la connexion initiale. Ainsi, « true » signifie " -"essentiellement « auto-detect »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" "windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> " "for more details." msgstr "" -"Remarque : Cette fonctionnalité fonctionne uniquement avec Active Directory " -"2008 R1 et versions suivantes. Consulter <ulink url=\"http://msdn.microsoft." -"com/en-us/library/windows/desktop/aa746475%28v=vs.85%29.aspx\">la " -"documentation de MSDN(TM)</ulink> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" -msgstr "ldap_initgroups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " "dealing with complex or deep nested groups)." msgstr "" -"Cette option indique à SSSD de tirer parti d'une fonctionnalité Active " -"Directory spécifique qui peut accélérer les opérations initgroups (le plus " -"souvent lors de l'utilisation de groupes profondément imbriqués ou " -"complexes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -5835,76 +5970,76 @@ msgstr "" "2008 et versions ultérieures." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objet d'une entrée de netgroup dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la " "place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "Par défaut : nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'attribut LDAP correspondant au nom du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_name doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'attribut LDAP contenant les noms des membres du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_member doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "Par défaut : memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5912,96 +6047,96 @@ msgstr "" "netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "Cette option n'est pas disponible dans le fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "Par défaut : nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "Par défaut : ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger " "des objets." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6011,47 +6146,47 @@ msgstr "" "configuration des bases de recherche multiples." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "La classe d'objet d'une entrée de service LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "ldap_service_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -6060,48 +6195,48 @@ msgstr "" "alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "ldap_service_port (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "L'attribut LDAP qui contient le port géré par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "Par défaut : ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "L'attribut LDAP qui contient les protocoles compris par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "Par défaut : ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6112,7 +6247,7 @@ msgstr "" "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6123,12 +6258,12 @@ msgstr "" "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6139,12 +6274,12 @@ msgstr "" "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6161,12 +6296,12 @@ msgstr "" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6175,12 +6310,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6193,17 +6328,17 @@ msgstr "" "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6212,17 +6347,17 @@ msgstr "" "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6234,7 +6369,7 @@ msgstr "" "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6244,7 +6379,7 @@ msgstr "" "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6255,17 +6390,17 @@ msgstr "" "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6281,12 +6416,12 @@ msgstr "" "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6297,19 +6432,19 @@ msgstr "" "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6320,7 +6455,7 @@ msgstr "" "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -6328,7 +6463,7 @@ msgstr "" "affectant la valeur 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6341,7 +6476,7 @@ msgstr "" "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6352,12 +6487,12 @@ msgstr "" "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6366,7 +6501,7 @@ msgstr "" "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6375,7 +6510,7 @@ msgstr "" "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6386,7 +6521,7 @@ msgstr "" "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6397,7 +6532,7 @@ msgstr "" "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6408,22 +6543,22 @@ msgstr "" "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6432,7 +6567,7 @@ msgstr "" "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6441,12 +6576,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6460,32 +6595,32 @@ msgstr "" "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6493,12 +6628,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6508,12 +6643,12 @@ msgstr "" "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6525,19 +6660,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6557,17 +6692,17 @@ msgstr "" "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6576,12 +6711,12 @@ msgstr "" "pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -6594,14 +6729,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 -#, fuzzy -#| msgid "" -#| "Specify the SASL authorization id to use. When GSSAPI is used, this " -#| "represents the Kerberos principal used for authentication to the " -#| "directory. This option can either contain the full principal (for " -#| "example host/myhost@EXAMPLE.COM) or just the principal name (for example " -#| "host/myhost)." +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6611,24 +6739,19 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " "the first principal in keytab is returned." msgstr "" -"Définit l'identité à utiliser pour l'autorisation SASL. Lorsque GSSAPI est " -"utilisé, c'est l'identifiant Kerberos principal utilisé pour s'authentifier " -"à l'annuaire. Cette option peut soit contenir le principal complet (par " -"exemple host/myhost@EXAMPLE.COM), soit juste le nom du principal (par " -"exemple host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6639,17 +6762,17 @@ msgstr "" "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6658,34 +6781,34 @@ msgstr "" "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6696,27 +6819,27 @@ msgstr "" "SASL est utilisé et que le mécanisme choisi est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6736,7 +6859,7 @@ msgstr "" "<quote>DÉCOUVERTE DE SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6747,7 +6870,7 @@ msgstr "" "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6759,29 +6882,29 @@ msgstr "" "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6791,12 +6914,12 @@ msgstr "" "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6811,7 +6934,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6823,12 +6946,12 @@ msgstr "" "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6837,7 +6960,7 @@ msgstr "" "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6846,7 +6969,7 @@ msgstr "" "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6857,7 +6980,7 @@ msgstr "" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6869,7 +6992,7 @@ msgstr "" "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -6878,17 +7001,17 @@ msgstr "" "côté serveur, elle prend le pas sur la politique indiquée avec cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6897,7 +7020,7 @@ msgstr "" "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6911,29 +7034,29 @@ msgstr "" "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6942,19 +7065,19 @@ msgstr "" "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -6964,12 +7087,12 @@ msgstr "" "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6985,12 +7108,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "Exemple :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7002,7 +7125,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7011,7 +7134,7 @@ msgstr "" "dont l'attribut employeeType est « admin »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7020,17 +7143,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7039,7 +7162,7 @@ msgstr "" "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7051,12 +7174,12 @@ msgstr "" "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7065,7 +7188,7 @@ msgstr "" "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7078,7 +7201,7 @@ msgstr "" "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7089,7 +7212,7 @@ msgstr "" "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7102,7 +7225,7 @@ msgstr "" "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7113,24 +7236,24 @@ msgstr "" "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7140,14 +7263,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7160,12 +7283,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7175,7 +7298,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7185,20 +7308,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7207,32 +7330,32 @@ msgstr "" "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7241,12 +7364,12 @@ msgstr "" "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7255,22 +7378,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple : cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7279,12 +7402,12 @@ msgstr "" "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7294,7 +7417,7 @@ msgstr "" "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7303,7 +7426,7 @@ msgstr "" "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7312,7 +7435,7 @@ msgstr "" "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7321,12 +7444,12 @@ msgstr "" "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7335,7 +7458,7 @@ msgstr "" "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7353,7 +7476,7 @@ msgstr "" "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7364,24 +7487,24 @@ msgstr "" "ajoutent les utilisateurs locaux aux groupes LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -7401,12 +7524,12 @@ msgstr "" "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7414,52 +7537,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "Par défaut : sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "L'attribut LDAP qui correspond au nom de la commande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "Par défaut : sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -7468,17 +7591,17 @@ msgstr "" "réseau IP de l'hôte ou netgroup de l'hôte)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "Par défaut : sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -7487,32 +7610,32 @@ msgstr "" "groupe ou netgroup de l'utilisateur)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "Par défaut : sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "L'attribut LDAP qui correspond aux options sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "Par défaut : sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -7521,17 +7644,17 @@ msgstr "" "nom d'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "Par défaut : sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7540,17 +7663,17 @@ msgstr "" "les commandes seront être exécutées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "Par défaut : sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -7559,17 +7682,17 @@ msgstr "" "règle sudo est valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "Par défaut : sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7578,32 +7701,32 @@ msgstr "" "règle sudo ne sera plus valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "Par défaut : sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -7613,7 +7736,7 @@ msgstr "" "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7622,17 +7745,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7644,7 +7767,7 @@ msgstr "" "cache)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -7653,12 +7776,12 @@ msgstr "" "modifyTimestamp est utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -7668,12 +7791,12 @@ msgstr "" "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7682,7 +7805,7 @@ msgstr "" "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -7691,8 +7814,8 @@ msgstr "" "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7701,17 +7824,17 @@ msgstr "" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7720,7 +7843,7 @@ msgstr "" "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7729,12 +7852,12 @@ msgstr "" "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -7743,12 +7866,12 @@ msgstr "" "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -7757,7 +7880,7 @@ msgstr "" "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7770,88 +7893,88 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "Le nom de la table de montage automatique maîtresse dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "Par défaut : auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" "La classe d'objet d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "Le nom d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7860,24 +7983,24 @@ msgstr "" "généralement à un point de montage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7890,32 +8013,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7924,22 +8047,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7948,14 +8071,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7966,7 +8089,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7986,27 +8109,27 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8032,13 +8155,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8336,49 +8459,94 @@ msgstr "Greffon de localisation Kerberos" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" -"Le greffon de localisation Kerberos <command>sssd_krb5_locator_plugin</" -"command> est utilisé par le fournisseur Kerberos de " -"<citerefentry><refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum></" -"citerefentry> pour indiquer aux bibliothèques Kerberos quel domaine et quel " -"KDC à utiliser. En général, cela se fait en " -"<citerefentry><refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> qui est toujours lu par les bibliothèques de " -"Kerberos. Pour simplifier la configuration, le Domaine et le KDC peuvent " -"être définis dans <citerefentry><refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum></citerefentry> comme indiqué dans " -"<citerefentry><refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." -msgstr "" -"<citerefentry><refentrytitle>SSSD</refentrytitle> <manvolnum>8</manvolnum></" -"citerefentry> met le nom de domaine et le nom ou adresse IP du KDC dans les " -"variables d'environnement SSSD_KRB5_REALM et SSSD_KRB5_KDC respectivement. " -"Lorsque <command>sssd_krb5_locator_plugin</command> est appelé par les " -"bibliothèques de kerberos, il lit et évalue ces variables et les transmet " -"aux bibliothèques." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8390,7 +8558,7 @@ msgstr "" "configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -8400,13 +8568,22 @@ msgstr "" "d'erreur." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9565,7 +9742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" @@ -9580,7 +9757,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9602,12 +9779,12 @@ msgstr "" "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9634,12 +9811,12 @@ msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9667,17 +9844,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9685,7 +9862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -9720,7 +9897,7 @@ msgstr "" "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" @@ -9737,12 +9914,12 @@ msgstr "" "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9767,12 +9944,12 @@ msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -9781,38 +9958,38 @@ msgstr "" "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -9935,26 +10112,26 @@ msgstr "" "convertit en DN de base pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9973,7 +10150,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" @@ -10304,37 +10481,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:734 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Ces options de configuration peuvent être présentes dans la section de " -"configuration du domaine, c'est-à-dire dans la section nommée <quote>[domain/" -"<replaceable>NAME</replaceable>]</quote> <placeholder type=\"variablelist\" " -"id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:743 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"Se reporter au paramètre <quote>dns_discovery_domain</quote> dans la page de " -"manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:753 @@ -10361,38 +10521,28 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:767 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:770 sssd-ipa.5.xml:797 -#, fuzzy -#| msgid "ad_site (string)" msgid "ad_site" -msgstr "ad_site (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:773 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:776 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (chaînes)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:788 @@ -10914,11 +11064,34 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 +msgid "ad_gpo_implicit_deny (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:424 +msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: 5 (seconds)" +msgid "Default: False (seconds)" +msgstr "Par défaut : 5 (secondes)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:424 +#: sssd-ad.5.xml:445 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -10926,12 +11099,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10939,14 +11112,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10954,7 +11127,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10965,79 +11138,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -11045,7 +11182,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -11053,7 +11190,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -11061,7 +11198,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11073,22 +11210,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -11096,7 +11233,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -11104,7 +11241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -11112,7 +11249,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11124,22 +11261,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -11147,14 +11284,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -11162,7 +11299,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11173,18 +11310,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -11192,14 +11335,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -11207,7 +11350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -11218,19 +11361,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -11238,7 +11381,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -11250,39 +11393,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -11290,12 +11423,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -11308,57 +11441,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -11366,17 +11499,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -11386,12 +11519,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11409,19 +11542,19 @@ msgstr "" "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11431,12 +11564,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11447,7 +11580,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11471,7 +11604,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11483,7 +11616,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11494,7 +11627,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11504,7 +11637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -14503,10 +14636,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:93 -#, fuzzy -#| msgid "client_idle_timeout" msgid "p11_child_timeout" -msgstr "client_idle_timeout" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:94 @@ -14515,19 +14646,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:96 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "can be used to control how the certificates are validated (see " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for details)." msgstr "" -"Se reporter au paramètre <quote>dns_discovery_domain</quote> dans la page de " -"manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum></citerefentry> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:101 @@ -14669,22 +14792,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-U</option>,<option>--users</option>" -msgid "<option>-k</option>,<option>--pubkeys</option>" -msgstr "<option>-U</option>,<option>--users</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." msgstr "" -"Rechercher les clés publiques dans le domaine SSSD <replaceable>DOMAINE</" -"replaceable> hôte." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -14810,10 +14925,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "ad_site (string)" msgid "passwd_files (string)" -msgstr "ad_site (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -14825,17 +14938,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: password" msgid "Default: /etc/passwd" -msgstr "Par défaut : password" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "ldap_netgroup_triple (string)" msgid "group_files (string)" -msgstr "ldap_netgroup_triple (chaîne)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -14847,10 +14956,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: nisNetgroup" msgid "Default: /etc/group" -msgstr "Par défaut : nisNetgroup" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -17538,6 +17645,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" @@ -17640,20 +17767,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." -#~ msgstr "" -#~ "REMARQUE : la prise en charge de sous-motifs nommés multiples n'est pas " -#~ "disponible sur certaines plates-formes (par exemple, RHEL5 et SLES10). " -#~ "Seules les plates-formes avec libpcre version 7 ou supérieure peuvent " -#~ "prendre en charge les sous-motifs nommés multiples." - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "REMARQUE ADDITIONNELLE : les anciennes versions de libpcre ne supportent " -#~ "que la syntaxe Python (?P<name>) pour nommer les sous-motifs." diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 7de2b8d9665..24810874ae5 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -8,9 +8,9 @@ # carrotsoft <www.carrotsoft@gmail.com>, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-14 11:59+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Japanese (http://www.transifex.com/projects/p/sssd/language/" @@ -20,7 +20,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -319,11 +319,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "初期値: true" @@ -342,16 +342,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "初期値: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -376,8 +376,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "初期値: 10" @@ -392,7 +392,7 @@ msgid "The [sssd] section" msgstr "[sssd] セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "セクションのパラメーター" @@ -476,7 +476,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (文字列)" @@ -496,12 +496,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -512,39 +512,39 @@ msgstr "" "manvolnum> </citerefentry> 互換形式。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "ユーザー名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "SSSD 設定ファイルにおいて指定されるドメイン名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -687,9 +687,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -881,7 +881,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -965,8 +965,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "初期値: 60" @@ -1026,8 +1026,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "初期値: 300" @@ -1120,7 +1120,7 @@ msgstr "" "(0 はこの機能を無効にします)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "初期値: 50" @@ -1141,7 +1141,7 @@ msgstr "" "せ)をキャッシュする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "初期値: 15" @@ -1160,10 +1160,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 86400 (24 hours)" msgid "Default: 14400 (4 hours)" -msgstr "初期値: 86400 (24 時間)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1176,11 +1174,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1189,17 +1187,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "初期値: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1207,12 +1205,12 @@ msgstr "" "ションを偽に設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "fallback_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1221,7 +1219,7 @@ msgstr "" "ホームディレクトリーの標準テンプレートを設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1229,7 +1227,7 @@ msgstr "" "同じです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1239,23 +1237,23 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "override_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1263,17 +1261,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "allowed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1281,13 +1279,13 @@ msgstr "" "す:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1296,7 +1294,7 @@ msgstr "" "ば、shell_fallback パラメーターの値を使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1305,12 +1303,12 @@ msgstr "" "ば、nologin シェルが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1318,12 +1316,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "シェルの空文字列は libc にそのまま渡されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1333,27 +1331,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "vetoed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "shell_fallback (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1361,74 +1359,74 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "初期値: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "memcache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1439,48 +1437,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "このオプションはドメインごとに設定できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "PAM 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1489,12 +1487,12 @@ msgstr "" "ために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1503,17 +1501,17 @@ msgstr "" "ラインログインの最終成功からの日数)です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1521,12 +1519,12 @@ msgstr "" "認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1535,7 +1533,7 @@ msgstr "" "渡される分単位の時間です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1546,17 +1544,17 @@ msgstr "" "効にできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "初期値: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1565,42 +1563,42 @@ msgstr "" "きいほどメッセージが表示されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "現在 sssd は以下の値をサポートします:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "初期値: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1609,61 +1607,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1673,7 +1671,7 @@ msgstr "" "されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1686,17 +1684,17 @@ msgstr "" "アプリケーションごとに)制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "パスワードの期限が切れる前に N 日間警告を表示します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1706,31 +1704,31 @@ msgstr "" "ことに注意してください。この情報がなければ、sssd は警告を表示します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "初期値: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1740,74 +1738,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "初期値: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1815,19 +1813,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1835,12 +1833,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1848,82 +1846,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "初期値: 偽" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "初期値: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "SUDO 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1934,12 +2013,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "sudo_timed (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1948,12 +2027,12 @@ msgstr "" "を評価するかしないかです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1963,22 +2042,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "Autofs 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "これらのオプションが autofs サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1989,87 +2068,77 @@ msgstr "" "ヒットする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "SSH 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "これらのオプションは SSH サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "初期値: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " "entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details." msgstr "" -"ホームディレクトリーが <citerefentry> <refentrytitle>sss_useradd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> により作成されると" -"き、ユーザーのホームディレクトリーにコピーされるファイルおよびディレクトリー" -"を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2080,7 +2149,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2091,24 +2160,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2116,12 +2185,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2130,24 +2199,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2157,66 +2226,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2224,17 +2293,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2242,7 +2311,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2250,22 +2319,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "ドメインセクション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2274,14 +2343,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2290,31 +2359,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2323,7 +2392,7 @@ msgstr "" "トリーを含む場合、それは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2335,24 +2404,24 @@ msgstr "" "バーに対して、範囲内にあるものは予期されたものとして報告されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "初期値: min_id は 1, max_id は 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "enumerate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2361,29 +2430,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = ユーザーとグループが列挙されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = このドメインに対して列挙しません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "初期値: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2397,7 +2466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2406,7 +2475,7 @@ msgstr "" "れが完了するまで結果を返しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2419,39 +2488,39 @@ msgstr "" "てください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2460,12 +2529,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2474,7 +2543,7 @@ msgstr "" "数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2485,17 +2554,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "初期値: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2504,19 +2573,19 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "初期値: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2525,12 +2594,12 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2539,12 +2608,12 @@ msgstr "" "有効であると考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2553,94 +2622,94 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "初期値: 0 (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "cache_credentials (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか" "を決めます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2648,24 +2717,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2677,17 +2746,17 @@ msgstr "" "offline_credentials_expiration と同等以上でなければいけません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2696,17 +2765,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "初期値: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "id_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -2714,38 +2783,26 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 -#, fuzzy -#| msgid "<quote>proxy</quote>: Support a legacy NSS provider" +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." -msgstr "<quote>proxy</quote>: レガシーな NSS プロバイダーのサポート" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 -#, fuzzy -#| msgid "<quote>local</quote>: SSSD internal provider for local users" +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." -msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> " -#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on how to mirror local users and groups into SSSD." msgstr "" -"<quote>ldap</quote>: LDAP プロバイダー。LDAP の設定に関する詳細は " -"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2756,8 +2813,8 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2770,8 +2827,8 @@ msgstr "" "い。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2782,12 +2839,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -2796,7 +2853,7 @@ msgstr "" "名形式により整形されたように) を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2809,7 +2866,7 @@ msgstr "" "んが、<command>getent passwd test@LOCAL</command> は見つけられます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2817,22 +2874,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2844,7 +2901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2852,12 +2909,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "auth_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -2866,7 +2923,7 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2877,7 +2934,7 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2888,24 +2945,24 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> は明示的に認証を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -2914,12 +2971,12 @@ msgstr "" "ならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "access_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2930,7 +2987,7 @@ msgstr "" "えます)。内部の特別プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -2939,12 +2996,12 @@ msgstr "" "ロバイダーのみアクセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> は常にアクセスを拒否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2957,7 +3014,7 @@ msgstr "" "citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2965,22 +3022,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "chpass_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -2989,7 +3046,7 @@ msgstr "" "パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2997,7 +3054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3008,7 +3065,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -3016,12 +3073,12 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3030,19 +3087,19 @@ msgstr "" "うことができるならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー" "は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3053,33 +3110,33 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> は SUDO を明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "初期値: <quote>id_provider</quote> の値が設定されていると使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3090,7 +3147,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3099,12 +3156,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "selinux_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3112,7 +3169,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3120,31 +3177,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "subdomains_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3152,7 +3209,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3161,17 +3218,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> はサブドメインの取り出しを明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3179,37 +3236,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "autofs_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3217,7 +3274,7 @@ msgstr "" "プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3228,7 +3285,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3239,7 +3296,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3247,17 +3304,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> は明示的に autofs を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "hostid_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3266,7 +3323,7 @@ msgstr "" "hostid プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3277,12 +3334,12 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> は明示的に hostid を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3292,7 +3349,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3301,29 +3358,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3334,7 +3391,7 @@ msgstr "" "everything after that\" に解釈されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3344,17 +3401,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "初期値: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "lookup_family_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3363,46 +3420,46 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "サポートする値:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "初期値: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3411,25 +3468,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "初期値: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -3438,52 +3495,52 @@ msgstr "" "イン部分を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "初期値: マシンのホスト名のドメイン部分を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "override_gid (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "プライマリー GID の値を指定されたもので上書きします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3491,7 +3548,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3499,17 +3556,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3517,34 +3574,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3552,32 +3609,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "サブドメインのフラット (NetBIOS) 名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3587,35 +3644,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "初期値: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "realmd_tags (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3623,12 +3680,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3636,26 +3693,86 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"プロキシドメインに対して有効なオプションです。 <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3663,7 +3780,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3672,7 +3789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3683,17 +3800,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "中継するプロキシターゲット PAM です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -3702,12 +3819,12 @@ msgstr "" "をここに追加する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3718,12 +3835,12 @@ msgstr "" "_nss_files_getpwent です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3732,12 +3849,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3745,7 +3862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -3754,12 +3871,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3776,7 +3893,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3784,17 +3901,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3803,7 +3920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3813,7 +3930,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3833,12 +3950,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "ローカルドメインのセクション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3849,27 +3966,27 @@ msgstr "" "メインに対する設定を含みます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "default_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "初期値: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "base_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -3878,17 +3995,17 @@ msgstr "" "ホームディレクトリーとして使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "初期値: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "create_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -3897,17 +4014,17 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "初期値: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "remove_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -3916,12 +4033,12 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "homedir_umask (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3932,17 +4049,17 @@ msgstr "" "manvolnum> </citerefentry> により使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "初期値: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "skel_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3955,17 +4072,17 @@ msgstr "" "を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "初期値: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "mail_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3976,17 +4093,17 @@ msgstr "" "が使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "初期値: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "userdel_cmd (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3997,17 +4114,17 @@ msgstr "" "せん。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "初期値: なし、コマンドを実行しません" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4018,64 +4135,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -4129,7 +4246,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4138,7 +4255,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4146,7 +4263,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4314,7 +4431,7 @@ msgstr "" "な LDAP 検索フィルターである必要があります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "例:" @@ -4413,51 +4530,96 @@ msgstr "初期値: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "The two mechanisms currently supported are:" +msgid "Two modes are currently supported:" +msgstr "現在 2 つのメカニズムがサポートされます:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "初期値: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "LDAP ユーザー操作を実行するために使用される初期バインド DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "初期バインド DN の認証トークンの形式です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "現在 2 つのメカニズムがサポートされます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "初期値: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -4466,72 +4628,72 @@ msgstr "" "在サポートされます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "LDAP にあるユーザーエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "初期値: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "ユーザーのログイン名に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "ユーザーの ID に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "初期値: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "ユーザーのプライマリーグループ ID に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "初期値: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4539,79 +4701,79 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "ユーザーの gecos 項目に対応する LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "初期値: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "ユーザーのホームディレクトリーの名前を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "初期値: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "ユーザーの初期シェルのパスを含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "初期値: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -4620,34 +4782,34 @@ msgstr "" "ActiveDirectory サーバーに対してのみ必要です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "親オブジェクトの最終変更のタイムスタンプを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "初期値: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4660,17 +4822,17 @@ msgstr "" "含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "初期値: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4683,17 +4845,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "初期値: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4706,17 +4868,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "初期値: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4729,17 +4891,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "初期値: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4752,17 +4914,17 @@ msgstr "" "みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "初期値: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4775,17 +4937,17 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "初期値: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4795,17 +4957,17 @@ msgstr "" "の最終パスワード変更日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "初期値: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -4814,17 +4976,17 @@ msgstr "" "ワード失効日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "初期値: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -4833,17 +4995,17 @@ msgstr "" "失効日時を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "初期値: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -4852,17 +5014,17 @@ msgstr "" "ウントの制御ビット項目を保存する LDAP 属性の名前を含みます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "初期値: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -4871,17 +5033,17 @@ msgstr "" "ターがアクセスが許可されるかされないかを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "初期値: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -4890,17 +5052,17 @@ msgstr "" "かをこの属性が決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "初期値: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -4909,12 +5071,12 @@ msgstr "" "いつまで許可されるのかを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -4923,41 +5085,41 @@ msgstr "" "れるときの一週間の日の時間を決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "初期値: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "ユーザーの Kerberos User Principal Name (UPN) を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "初期値: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4967,7 +5129,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4975,51 +5137,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "ユーザーの SSH 公開鍵を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5031,12 +5193,12 @@ msgstr "" "場合、このオプションを 0 以外に設定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5044,12 +5206,12 @@ msgstr "" "SSSD が列挙レコードのキャッシュを更新する前に待つ必要がある秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5060,7 +5222,7 @@ msgstr "" "削除する間隔を決めます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5069,43 +5231,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "ユーザーの完全名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "初期値: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "初期値: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5116,7 +5278,7 @@ msgstr "" "authorizedService 属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5125,7 +5287,7 @@ msgstr "" "索します。最後にすべて許可 (*) を検索します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5133,17 +5295,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "初期値: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5154,7 +5316,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5163,7 +5325,7 @@ msgstr "" "索します。最後にすべて許可 (*) が検索されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5171,17 +5333,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "初期値: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5189,14 +5351,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5204,37 +5366,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -5244,82 +5406,82 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "LDAP にあるグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "初期値: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "グループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "グループの ID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "グループのメンバーの名前を含む LDAP の属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "初期値: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -5328,24 +5490,24 @@ msgstr "" "ActiveDirectory サーバーに対してのみ必要です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5353,34 +5515,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5391,7 +5553,7 @@ msgstr "" "のオプションは RFC2307 スキーマにおいて効果がありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5401,7 +5563,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5411,17 +5573,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "初期値: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" -msgstr "ldap_groups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5429,14 +5591,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5444,7 +5606,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5453,12 +5615,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" -msgstr "ldap_initgroups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5466,81 +5628,81 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_object_class が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "初期値: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "ネットワークグループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "IPA プロバイダーにおいては ipa_netgroup_name が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "ネットワークグループのメンバーの名前を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_member が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "初期値: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -5548,96 +5710,96 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "このオプションは IPA プロバイダーにおいて利用可能ではありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "初期値: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "初期値: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" "オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5647,95 +5809,95 @@ msgstr "" "してください。" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "ldap_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "ldap_service_port (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "このサービスにより管理されるポートを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "初期値: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "このサービスにより認識されるプロトコルを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "初期値: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5743,7 +5905,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5754,12 +5916,12 @@ msgstr "" "かもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5767,12 +5929,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5788,12 +5950,12 @@ msgstr "" "citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5802,12 +5964,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5816,17 +5978,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -5835,17 +5997,17 @@ msgstr "" "バーは 1 要求あたりの最大数の制限を強制します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "初期値: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5856,7 +6018,7 @@ msgstr "" "ことを報告する場合に、このオプションが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -5866,7 +6028,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5877,17 +6039,17 @@ msgstr "" "があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "Active Directory の範囲の取得を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5897,12 +6059,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5910,17 +6072,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5928,13 +6090,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5943,7 +6105,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5951,12 +6113,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -5965,7 +6127,7 @@ msgstr "" "クするものを指定します。以下の値のうち 1 つを指定できます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5974,7 +6136,7 @@ msgstr "" "確認しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5985,7 +6147,7 @@ msgstr "" "無視され、セッションが通常通り進められます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5996,7 +6158,7 @@ msgstr "" "ンが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6006,22 +6168,22 @@ msgstr "" "なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "初期値: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6031,7 +6193,7 @@ msgstr "" "書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6040,12 +6202,12 @@ msgstr "" "filename> にあります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6058,32 +6220,32 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "クライアントのキーに対する証明書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "クライアントのキーを含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6091,12 +6253,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6105,12 +6267,12 @@ msgstr "" "用する必要がある id_provider 接続を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6118,18 +6280,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6140,17 +6302,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -6159,12 +6321,12 @@ msgstr "" "れます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -6177,7 +6339,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -6189,17 +6351,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "初期値: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6207,17 +6369,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "初期値: krb5_realm の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6226,33 +6388,33 @@ msgstr "" "するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6263,27 +6425,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6295,7 +6457,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6306,7 +6468,7 @@ msgstr "" "ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6317,27 +6479,27 @@ msgstr "" "quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -6346,12 +6508,12 @@ msgstr "" "します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6361,7 +6523,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6372,12 +6534,12 @@ msgstr "" "manvolnum> </citerefentry> マニュアルページを参照ください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -6386,7 +6548,7 @@ msgstr "" "す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -6395,7 +6557,7 @@ msgstr "" "ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6406,7 +6568,7 @@ msgstr "" "manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6417,24 +6579,24 @@ msgstr "" "とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -6443,7 +6605,7 @@ msgstr "" "sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6452,28 +6614,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -6482,29 +6644,29 @@ msgstr "" "を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6520,12 +6682,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6534,14 +6696,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6550,17 +6712,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -6569,7 +6731,7 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6580,12 +6742,12 @@ msgstr "" "否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -6594,7 +6756,7 @@ msgstr "" "ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6603,7 +6765,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6614,7 +6776,7 @@ msgstr "" "ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6627,7 +6789,7 @@ msgstr "" "クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6635,23 +6797,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6661,14 +6823,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6681,12 +6843,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6696,7 +6858,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6706,20 +6868,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -6728,44 +6890,44 @@ msgstr "" "authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6774,22 +6936,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -6798,12 +6960,12 @@ msgstr "" "ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -6812,7 +6974,7 @@ msgstr "" "決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -6821,7 +6983,7 @@ msgstr "" "すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -6830,7 +6992,7 @@ msgstr "" "きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -6839,19 +7001,19 @@ msgstr "" "して取り扱われます)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6862,7 +7024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6870,24 +7032,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6907,12 +7069,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6920,52 +7082,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "初期値: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "sudo ルール名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "コマンド名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "初期値: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -6974,17 +7136,17 @@ msgstr "" "クグループ)に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "初期値: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -6993,49 +7155,49 @@ msgstr "" "る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "初期値: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "sudo オプションに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "初期値: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "初期値: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -7043,34 +7205,34 @@ msgstr "" "コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "初期値: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "初期値: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -7079,39 +7241,39 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "初期値: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "初期値: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7120,17 +7282,17 @@ msgstr "" "ります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "初期値: 21600 (6 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -7138,31 +7300,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7171,15 +7333,15 @@ msgstr "" "区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7188,17 +7350,17 @@ msgstr "" "ならば、このオプションは効果を持ちません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "初期値: 指定なし" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7207,7 +7369,7 @@ msgstr "" "アドレスの空白区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7215,31 +7377,31 @@ msgstr "" "このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7251,87 +7413,87 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "LDAP における automount のマップエントリーの名前です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -7340,24 +7502,24 @@ msgstr "" "ントと対応します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -7366,32 +7528,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7400,22 +7562,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7424,14 +7586,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "例" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7442,7 +7604,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7455,27 +7617,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7491,13 +7653,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7785,37 +7947,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> は、レルム、および KDC の名前または IP アドレスを、それぞれ " -"SSSD_KRB5_REALM および SSSD_KRB5_KDC の中に置きます。" -"<command>sssd_krb5_locator_plugin</command> が Kerberos ライブラリーにより呼" -"び出されるとき、それがこれらの変数を読み込み、評価し、ライブラリーに返しま" -"す。" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7827,7 +8046,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -7836,13 +8055,22 @@ msgstr "" "セージが標準エラーに送られます。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8977,7 +9205,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "dyndns_update (論理値)" @@ -8992,7 +9220,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9010,12 +9238,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9036,12 +9264,12 @@ msgid "Default: 1200 (seconds)" msgstr "初期値: 1200 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9065,17 +9293,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9083,7 +9311,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -9110,7 +9338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (整数)" @@ -9123,12 +9351,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9147,12 +9375,12 @@ msgid "Default: False (disabled)" msgstr "初期値: False (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -9161,38 +9389,38 @@ msgstr "" "どうか。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -9313,26 +9541,26 @@ msgstr "" "めに使用するベース DN に変換されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -9351,7 +9579,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "初期値: 5 (秒)" @@ -9665,36 +9893,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:734 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"これらの設定オプションはドメイン設定のセクション、つまり <quote>[domain/" -"<replaceable>NAME</replaceable>]</quote> に存在します <placeholder type=" -"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:743 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> マニュアルページにある " -"<quote>dns_discovery_domain</quote> パラメーターを参照してください。" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:753 @@ -9721,10 +9933,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:767 -#, fuzzy -#| msgid "ad_server, ad_backup_server (string)" msgid "ad_backup_server" -msgstr "ad_server, ad_backup_server (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:770 sssd-ipa.5.xml:797 @@ -9733,24 +9943,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:773 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:776 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:788 @@ -10252,24 +10456,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: 5 (seconds)" +msgid "Default: False (seconds)" +msgstr "初期値: 5 (秒)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -10277,14 +10504,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -10292,7 +10519,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10303,79 +10530,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -10383,7 +10574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -10391,7 +10582,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -10399,7 +10590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10411,22 +10602,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -10434,7 +10625,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -10442,7 +10633,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -10450,7 +10641,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10462,22 +10653,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -10485,14 +10676,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -10500,7 +10691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10511,18 +10702,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -10530,14 +10727,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -10545,7 +10742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -10556,19 +10753,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -10576,7 +10773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -10588,39 +10785,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10628,12 +10815,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10646,57 +10833,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10704,17 +10891,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10724,12 +10911,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10740,19 +10927,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "初期値: 3600 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10762,12 +10949,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "初期値: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10778,7 +10965,7 @@ msgstr "" "AD プロバイダー固有のオプションのみ示してします。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10802,7 +10989,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10814,7 +11001,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10822,7 +11009,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10832,7 +11019,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -13665,10 +13852,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:93 -#, fuzzy -#| msgid "client_idle_timeout" msgid "p11_child_timeout" -msgstr "client_idle_timeout" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:94 @@ -13677,19 +13862,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:96 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "can be used to control how the certificates are validated (see " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for details)." msgstr "" -"詳細は <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> マニュアルページにある " -"<quote>dns_discovery_domain</quote> パラメーターを参照してください。" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:101 @@ -13828,22 +14005,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-U</option>,<option>--users</option>" -msgid "<option>-k</option>,<option>--pubkeys</option>" -msgstr "<option>-U</option>,<option>--users</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." msgstr "" -"SSSD ドメイン <replaceable>DOMAIN</replaceable> においてホスト公開鍵を検索し" -"ます。" #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -13969,10 +14138,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "ldap_access_filter (string)" msgid "passwd_files (string)" -msgstr "ldap_access_filter (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -13984,17 +14151,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: password" msgid "Default: /etc/passwd" -msgstr "初期値: password" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "ldap_netgroup_triple (string)" msgid "group_files (string)" -msgstr "ldap_netgroup_triple (文字列)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -14006,10 +14169,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: nisNetgroup" msgid "Default: /etc/group" -msgstr "初期値: nisNetgroup" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -16557,6 +16718,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" @@ -16659,10 +16840,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "関連注記: 古いバージョンの libpcre はサブパターンをラベル付けするために " -#~ "Python 構文 (?P<name>) のみをサポートします。" diff --git a/src/man/po/lv.po b/src/man/po/lv.po index 6474cdc53e7..9e8a059fcb7 100644 --- a/src/man/po/lv.po +++ b/src/man/po/lv.po @@ -7,9 +7,9 @@ # Kristaps, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-15 12:00+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Latvian (http://www.transifex.com/projects/p/sssd/language/" @@ -20,7 +20,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : " "2);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -295,11 +295,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -318,16 +318,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -352,8 +352,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Noklusējuma: 10" @@ -368,7 +368,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -448,7 +448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -468,12 +468,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -481,39 +481,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -637,9 +637,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -831,7 +831,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -907,8 +907,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "Noklusējuma: 60" @@ -968,8 +968,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Noklusējuma: 300" @@ -1046,7 +1046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1064,7 +1064,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "Noklusējuma: 15" @@ -1083,10 +1083,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 86400 (24 hours)" msgid "Default: 14400 (4 hours)" -msgstr "Noklusējuma: 86400 (24 stundas)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1099,11 +1097,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1112,41 +1110,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1154,23 +1152,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1178,47 +1176,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1226,112 +1224,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1342,96 +1340,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "Noklusējuma: 0 (bez ierobežojuma)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1439,59 +1437,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "Noklusējuma: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1500,61 +1498,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1562,7 +1560,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1571,17 +1569,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1589,31 +1587,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1623,74 +1621,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1698,19 +1696,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1718,12 +1716,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1731,82 +1729,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 1" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Noklusējuma: 1" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1817,24 +1896,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1844,22 +1923,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1867,51 +1946,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1920,24 +1999,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1948,7 +2027,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1959,24 +2038,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1984,12 +2063,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1998,24 +2077,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2025,66 +2104,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2092,17 +2171,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2110,7 +2189,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2118,22 +2197,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2142,14 +2221,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2158,38 +2237,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2198,24 +2277,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2224,29 +2303,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2260,14 +2339,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2276,39 +2355,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2317,19 +2396,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2340,151 +2419,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2492,24 +2571,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2518,17 +2597,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "Noklusējuma: 0 (neierobežots)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2537,34 +2616,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2572,7 +2651,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2580,8 +2659,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2590,8 +2669,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2599,19 +2678,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2620,7 +2699,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2628,22 +2707,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2655,7 +2734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2663,19 +2742,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2683,7 +2762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2691,35 +2770,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2727,19 +2806,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2748,7 +2827,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2756,29 +2835,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "Noklusējuma: <quote>atļaut</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2786,7 +2865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2794,35 +2873,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2830,32 +2909,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2866,7 +2945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2875,12 +2954,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2888,7 +2967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2896,31 +2975,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2928,7 +3007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2937,17 +3016,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2955,43 +3034,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2999,7 +3078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3007,7 +3086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3015,24 +3094,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3040,12 +3119,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3055,7 +3134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3064,29 +3143,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3094,7 +3173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3104,59 +3183,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "Atbalstītās vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3165,77 +3244,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Noklusējuma: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3243,7 +3322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3251,17 +3330,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3269,34 +3348,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3304,32 +3383,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3339,34 +3418,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3374,12 +3453,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3387,26 +3466,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3414,7 +3547,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3423,7 +3556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3431,29 +3564,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3461,12 +3594,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3475,12 +3608,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3488,19 +3621,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3517,7 +3650,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3525,17 +3658,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3544,7 +3677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3554,7 +3687,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3574,12 +3707,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3587,73 +3720,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "Noklusējuma: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3661,17 +3794,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "Noklusējuma: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3680,17 +3813,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "Noklusējuma: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3698,17 +3831,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "Noklusējuma: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3716,17 +3849,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3737,64 +3870,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3824,7 +3957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3833,7 +3966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3841,7 +3974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3990,7 +4123,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4085,123 +4218,166 @@ msgstr "Noklusējuma: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "The two mechanisms currently supported are:" +msgid "Two modes are currently supported:" +msgstr "Divi pašlaik atbalstītie mehānismi ir:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 1" +msgid "Default: exop" +msgstr "Noklusējuma: 1" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "Divi pašlaik atbalstītie mehānismi ir:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "parole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Noklusējuma: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4209,113 +4385,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4324,17 +4500,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4343,17 +4519,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Noklusējuma: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4362,17 +4538,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Noklusējuma: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4381,17 +4557,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4400,17 +4576,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4419,17 +4595,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4437,155 +4613,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4595,7 +4771,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4603,51 +4779,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4656,24 +4832,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4681,7 +4857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4690,43 +4866,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4734,14 +4910,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4749,17 +4925,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4767,14 +4943,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4782,17 +4958,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4800,14 +4976,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4815,37 +4991,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4855,106 +5031,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Noklusējuma: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4962,34 +5138,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4997,7 +5173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5007,7 +5183,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5017,17 +5193,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5035,14 +5211,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5050,7 +5226,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5059,12 +5235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5072,172 +5248,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5245,95 +5421,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5341,7 +5517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5349,12 +5525,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5362,12 +5538,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5378,12 +5554,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5392,12 +5568,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5406,34 +5582,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5441,14 +5617,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5456,17 +5632,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5476,12 +5652,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5489,17 +5665,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5507,13 +5683,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5522,7 +5698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5530,26 +5706,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5557,7 +5733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5565,7 +5741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5573,41 +5749,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5616,32 +5792,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5649,24 +5825,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5674,17 +5850,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5695,29 +5871,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5730,7 +5906,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5742,17 +5918,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5760,49 +5936,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5810,27 +5986,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "Noklusējuma: 86400 (24 stundas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5842,7 +6018,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5850,7 +6026,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5858,39 +6034,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5900,7 +6076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5908,26 +6084,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5935,7 +6111,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5943,31 +6119,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5976,56 +6152,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "Noklusējuma: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6041,12 +6217,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "Piemērs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6055,14 +6231,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6071,24 +6247,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6096,19 +6272,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "Atļautas šādas vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6117,7 +6293,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6125,7 +6301,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6134,7 +6310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6142,22 +6318,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6167,14 +6343,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6187,12 +6363,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6202,7 +6378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6212,63 +6388,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "Noklusējuma: filtrēt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6277,74 +6453,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6355,7 +6531,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6363,24 +6539,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6395,12 +6571,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6408,208 +6584,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6617,101 +6793,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6720,111 +6896,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6833,32 +7009,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "PAPLAŠINĀTĀS IESPĒJAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6867,22 +7043,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6891,14 +7067,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "PIEMĒRS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6906,7 +7082,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6919,27 +7095,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6955,13 +7131,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "PIEZĪMES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7221,31 +7397,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7253,20 +7492,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8363,7 +8611,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8378,7 +8626,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8393,12 +8641,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8419,12 +8667,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8448,17 +8696,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8466,7 +8714,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8493,7 +8741,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8506,12 +8754,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8530,50 +8778,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8684,26 +8932,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8722,7 +8970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9583,24 +9831,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: 0 (unlimited)" +msgid "Default: False (seconds)" +msgstr "Noklusējuma: 0 (neierobežots)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9608,14 +9879,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9623,7 +9894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9634,79 +9905,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9714,7 +9949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9722,7 +9957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9730,7 +9965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9742,22 +9977,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9765,7 +10000,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9773,7 +10008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9781,7 +10016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9793,22 +10028,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9816,14 +10051,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9831,7 +10066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9842,18 +10077,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9861,14 +10102,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9876,7 +10117,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9887,19 +10128,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9907,7 +10148,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9919,39 +10160,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9959,12 +10190,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9977,57 +10208,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10035,17 +10266,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10055,12 +10286,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10071,19 +10302,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10093,12 +10324,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10106,7 +10337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10121,7 +10352,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10130,7 +10361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10138,7 +10369,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10148,7 +10379,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12855,7 +13086,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> @@ -13001,10 +13232,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: /tmp" msgid "Default: /etc/passwd" -msgstr "Noklusējuma: / tmp" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 @@ -13021,10 +13250,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: /tmp" msgid "Default: /etc/group" -msgstr "Noklusējuma: / tmp" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -15519,6 +15746,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/nl.po b/src/man/po/nl.po index fe29d7b19d8..15afa24b204 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -6,9 +6,9 @@ # Wijnand Modderman-Lenstra <accounts-transifex@maze.io>, 2011 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-15 12:02+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -318,11 +318,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Standaard: true" @@ -341,16 +341,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -375,8 +375,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -391,7 +391,7 @@ msgid "The [sssd] section" msgstr "De [sssd] sectie" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "Sectie parameters" @@ -475,7 +475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (tekst)" @@ -495,12 +495,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -508,39 +508,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -678,9 +678,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -872,7 +872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -948,8 +948,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -1009,8 +1009,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1091,7 +1091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1109,7 +1109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "" @@ -1128,10 +1128,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 120" msgid "Default: 14400 (4 hours)" -msgstr "Standaard: 120" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1144,11 +1142,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1157,41 +1155,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1199,23 +1197,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1223,47 +1221,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1271,112 +1269,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1387,96 +1385,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1484,59 +1482,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1545,61 +1543,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1607,7 +1605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1616,17 +1614,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1634,31 +1632,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "Standaard: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1668,74 +1666,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1743,19 +1741,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1763,12 +1761,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1776,82 +1774,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Standaard: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1862,24 +1941,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1889,22 +1968,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1912,51 +1991,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1965,24 +2044,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1993,7 +2072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2004,24 +2083,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2029,12 +2108,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2043,24 +2122,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2070,66 +2149,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2137,17 +2216,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2155,7 +2234,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2163,22 +2242,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2187,14 +2266,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2203,38 +2282,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2243,24 +2322,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2269,29 +2348,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2305,14 +2384,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2321,39 +2400,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2362,19 +2441,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2385,151 +2464,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2537,24 +2616,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2563,17 +2642,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2582,34 +2661,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2617,7 +2696,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2625,8 +2704,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2635,8 +2714,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2644,19 +2723,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2665,7 +2744,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2673,22 +2752,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2700,7 +2779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2708,19 +2787,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2728,7 +2807,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2736,35 +2815,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2772,19 +2851,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2793,7 +2872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2801,29 +2880,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2831,7 +2910,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2839,35 +2918,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2875,32 +2954,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2911,7 +2990,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2920,12 +2999,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2933,7 +3012,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2941,31 +3020,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2973,7 +3052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2982,17 +3061,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3000,43 +3079,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3044,7 +3123,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3052,7 +3131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3060,24 +3139,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3085,12 +3164,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3100,7 +3179,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3109,29 +3188,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3142,7 +3221,7 @@ msgstr "" "het domein alles daarna\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3152,59 +3231,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standaard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3213,77 +3292,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3291,7 +3370,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3299,17 +3378,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3317,34 +3396,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3352,32 +3431,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3387,34 +3466,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3422,12 +3501,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3435,26 +3514,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3462,7 +3595,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3471,7 +3604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3479,29 +3612,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3509,12 +3642,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3523,12 +3656,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3536,19 +3669,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3565,7 +3698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3573,17 +3706,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3592,7 +3725,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3602,7 +3735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3622,12 +3755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3635,73 +3768,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3709,17 +3842,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3728,17 +3861,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3746,17 +3879,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3764,17 +3897,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3785,64 +3918,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3872,7 +4005,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3881,7 +4014,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3889,7 +4022,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4038,7 +4171,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4133,123 +4266,164 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "Standaard: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4257,113 +4431,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4372,17 +4546,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4391,17 +4565,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4410,17 +4584,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4429,17 +4603,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4448,17 +4622,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4467,17 +4641,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4485,155 +4659,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4643,7 +4817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4651,51 +4825,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4704,24 +4878,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4729,7 +4903,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4738,43 +4912,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4782,14 +4956,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4797,17 +4971,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4815,14 +4989,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4830,17 +5004,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4848,14 +5022,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4863,37 +5037,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4903,106 +5077,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5010,34 +5184,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5045,7 +5219,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5055,7 +5229,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5065,17 +5239,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5083,14 +5257,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5098,7 +5272,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5107,12 +5281,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5120,172 +5294,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5293,95 +5467,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5389,7 +5563,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5397,12 +5571,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5410,12 +5584,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5426,12 +5600,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5440,12 +5614,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5454,34 +5628,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5489,14 +5663,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5504,17 +5678,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5524,12 +5698,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5537,17 +5711,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5555,13 +5729,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5570,7 +5744,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5578,26 +5752,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5605,7 +5779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5613,7 +5787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5621,41 +5795,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5664,32 +5838,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5697,24 +5871,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5722,17 +5896,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5743,29 +5917,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5778,7 +5952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5790,17 +5964,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5808,49 +5982,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5858,27 +6032,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5890,7 +6064,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5898,7 +6072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5906,39 +6080,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5948,7 +6122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5956,26 +6130,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5983,7 +6157,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5991,31 +6165,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6024,56 +6198,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6089,12 +6263,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6103,14 +6277,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6119,24 +6293,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6144,19 +6318,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6165,7 +6339,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6173,7 +6347,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6182,7 +6356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6190,22 +6364,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6215,14 +6389,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6235,12 +6409,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6250,7 +6424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6260,63 +6434,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6325,74 +6499,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6403,7 +6577,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6411,24 +6585,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6443,12 +6617,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6456,208 +6630,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6665,101 +6839,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6768,111 +6942,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6881,32 +7055,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6915,22 +7089,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6939,14 +7113,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6954,7 +7128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6967,27 +7141,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7003,13 +7177,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7269,31 +7443,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7301,20 +7538,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8411,7 +8657,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8426,7 +8672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8441,12 +8687,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8467,12 +8713,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8496,17 +8742,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8514,7 +8760,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8541,7 +8787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8554,12 +8800,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8578,50 +8824,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8732,26 +8978,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8770,7 +9016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9631,24 +9877,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +msgid "Default: False (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9656,14 +9923,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9671,7 +9938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9682,79 +9949,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9762,7 +9993,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9770,7 +10001,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9778,7 +10009,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9790,22 +10021,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9813,7 +10044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9821,7 +10052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9829,7 +10060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9841,22 +10072,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9864,14 +10095,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9879,7 +10110,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9890,18 +10121,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9909,14 +10146,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9924,7 +10161,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9935,19 +10172,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9955,7 +10192,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9967,39 +10204,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10007,12 +10234,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10025,57 +10252,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10083,17 +10310,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10103,12 +10330,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10119,19 +10346,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10141,12 +10368,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10154,7 +10381,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10169,7 +10396,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10178,7 +10405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10186,7 +10413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10196,7 +10423,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12903,14 +13130,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROEPEN</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -13042,10 +13263,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "re_expression (string)" msgid "passwd_files (string)" -msgstr "re_expression (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -13057,17 +13276,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: true" msgid "Default: /etc/passwd" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "re_expression (string)" msgid "group_files (string)" -msgstr "re_expression (tekst)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -13079,10 +13294,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: true" msgid "Default: /etc/group" -msgstr "Standaard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -15577,6 +15790,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" @@ -15679,10 +15912,3 @@ msgstr "" #: include/ipa_modified_defaults.xml:118 msgid "ldap_group_external_member = ipaExternalMember" msgstr "" - -#~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." -#~ msgstr "" -#~ "MER OOK OP: oudere versies van libpcre ondersteunen alleen de Pyton " -#~ "syntaxis (?P<name>) om subpatronen aan te geven." diff --git a/src/man/po/pt.po b/src/man/po/pt.po index ee23e91b115..b34e6c9024c 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -6,9 +6,9 @@ # Miguel Sousa <migueljorgesousa@sapo.pt>, 2011 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-15 12:05+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -313,11 +313,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -336,16 +336,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Padrão: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -370,8 +370,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Padrão: 10" @@ -386,7 +386,7 @@ msgid "The [sssd] section" msgstr "A seção [SSSD]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "Parâmetros de secção" @@ -470,7 +470,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (string)" @@ -490,12 +490,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -503,39 +503,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -659,9 +659,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -853,7 +853,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -929,8 +929,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "Padrão: 60" @@ -990,8 +990,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Padrão: 300" @@ -1068,7 +1068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "Padrão: 50" @@ -1086,7 +1086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "" @@ -1105,10 +1105,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 86400 (24 hours)" msgid "Default: 14400 (4 hours)" -msgstr "Padrão: 86400 (24 horas)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1121,11 +1119,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1134,41 +1132,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1176,23 +1174,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1200,47 +1198,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "allowed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1248,112 +1246,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "vetoed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "shell_fallback (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "Padrão: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1364,96 +1362,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1461,59 +1459,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "Padrão: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1522,61 +1520,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1584,7 +1582,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1593,17 +1591,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1611,31 +1609,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1645,74 +1643,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "Padrão: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1720,19 +1718,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1740,12 +1738,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1753,82 +1751,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Padrão: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1839,24 +1918,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1866,22 +1945,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1889,51 +1968,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1942,24 +2021,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1970,7 +2049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1981,24 +2060,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2006,12 +2085,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2020,24 +2099,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2047,66 +2126,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2114,17 +2193,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2132,7 +2211,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2140,22 +2219,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "SECÇÕES DE DOMÍNIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2164,14 +2243,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2180,38 +2259,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2220,24 +2299,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2246,29 +2325,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "Padrão: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2282,14 +2361,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2298,39 +2377,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2339,19 +2418,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2362,151 +2441,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "Padrão: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2514,24 +2593,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2540,17 +2619,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2559,34 +2638,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "id_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2594,7 +2673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2602,8 +2681,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2612,8 +2691,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2621,19 +2700,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2642,7 +2721,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2650,22 +2729,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2677,7 +2756,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2685,19 +2764,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2705,7 +2784,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2713,35 +2792,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2749,19 +2828,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2770,7 +2849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2778,29 +2857,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2808,7 +2887,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2816,35 +2895,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2852,32 +2931,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2888,7 +2967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2897,12 +2976,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2910,7 +2989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2918,31 +2997,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2950,7 +3029,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2959,17 +3038,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2977,43 +3056,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3021,7 +3100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3029,7 +3108,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3037,24 +3116,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3062,12 +3141,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3077,7 +3156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3086,29 +3165,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3116,7 +3195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3126,59 +3205,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Default: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "Default: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3187,77 +3266,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Padrão: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "override_gid (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3265,7 +3344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3273,17 +3352,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3291,34 +3370,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3326,32 +3405,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3361,34 +3440,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3396,12 +3475,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3409,26 +3488,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3436,7 +3569,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3445,7 +3578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3453,29 +3586,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3483,12 +3616,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3497,12 +3630,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3510,19 +3643,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3539,7 +3672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3547,17 +3680,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3566,7 +3699,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3576,7 +3709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3596,12 +3729,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "A secção de domínio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3609,73 +3742,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "default_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "Padrão: <filename>bash/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "base_directory (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "Padrão: <filename>/ home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "homedir_umask (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3683,17 +3816,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "Padrão: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3702,17 +3835,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "Padrão: <filename>skel/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "mail_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3720,17 +3853,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "Padrão: <filename>mail/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "userdel_cmd (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3738,17 +3871,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "Padrão: None, nenhum comando é executado" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3759,64 +3892,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3870,7 +4003,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3879,7 +4012,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3887,7 +4020,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -4036,7 +4169,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Exemplos:" @@ -4135,123 +4268,166 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_pwd_policy (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_pwd_policy (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "Padrão: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4259,113 +4435,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Padrão: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Padrão: diret" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "Padrão: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4374,17 +4550,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Padrão: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4393,17 +4569,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Padrão: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4412,17 +4588,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Padrão: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4431,17 +4607,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Padrão: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4450,17 +4626,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Padrão: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4469,17 +4645,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Padrão: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4487,155 +4663,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Padrão: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Padrão: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Padrão: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4645,7 +4821,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4653,51 +4829,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4706,24 +4882,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4731,7 +4907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4740,43 +4916,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Padrão: NC" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4784,14 +4960,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4799,17 +4975,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4817,14 +4993,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4832,17 +5008,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Padrão: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4850,14 +5026,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4865,37 +5041,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4905,106 +5081,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5012,34 +5188,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5047,7 +5223,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5057,7 +5233,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5067,17 +5243,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5085,14 +5261,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5100,7 +5276,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5109,12 +5285,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5122,172 +5298,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "Padrão: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5295,95 +5471,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5391,7 +5567,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5399,12 +5575,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5412,12 +5588,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5428,12 +5604,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5442,12 +5618,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5456,34 +5632,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "Padrão: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5491,14 +5667,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5506,17 +5682,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5526,12 +5702,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5539,17 +5715,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5557,13 +5733,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5572,7 +5748,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5580,19 +5756,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -5601,7 +5777,7 @@ msgstr "" "qualquer certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5609,7 +5785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5617,7 +5793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5625,41 +5801,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "Padrão: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5668,32 +5844,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5701,24 +5877,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5726,17 +5902,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5747,29 +5923,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5782,7 +5958,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5794,17 +5970,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5812,50 +5988,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "Padrão: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5863,27 +6039,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "Padrão: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5895,7 +6071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5903,7 +6079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5911,39 +6087,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5953,7 +6129,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5961,26 +6137,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5988,7 +6164,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5996,31 +6172,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6029,56 +6205,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6094,12 +6270,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6108,14 +6284,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6124,24 +6300,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6149,19 +6325,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6170,7 +6346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6178,7 +6354,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6187,7 +6363,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6195,22 +6371,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6220,14 +6396,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6240,12 +6416,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6255,7 +6431,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6265,63 +6441,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "Padrão: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6330,74 +6506,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "ldap_deref (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6408,7 +6584,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6416,24 +6592,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6448,12 +6624,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6461,208 +6637,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6670,101 +6846,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6773,111 +6949,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6886,32 +7062,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "OPÇÕES AVANÇADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6920,22 +7096,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6944,14 +7120,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "EXEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6959,7 +7135,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6972,27 +7148,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7008,13 +7184,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7274,31 +7450,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7306,20 +7545,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8416,7 +8664,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8431,7 +8679,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8446,12 +8694,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8472,12 +8720,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8501,17 +8749,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8519,7 +8767,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8546,7 +8794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8559,12 +8807,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8583,50 +8831,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8737,26 +8985,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8775,7 +9023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9136,24 +9384,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:773 -#, fuzzy -#| msgid "ldap_search_base (string)" msgid "ldap_search_base" -msgstr "ldap_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:776 -#, fuzzy -#| msgid "ldap_user_search_base (string)" msgid "ldap_user_search_base" -msgstr "ldap_user_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "ldap_group_search_base" -msgstr "ldap_group_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:788 @@ -9642,24 +9884,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: false" +msgid "Default: False (seconds)" +msgstr "Padrão: false" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9667,14 +9932,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9682,7 +9947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9693,79 +9958,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9773,7 +10002,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9781,7 +10010,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9789,7 +10018,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9801,22 +10030,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9824,7 +10053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9832,7 +10061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9840,7 +10069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9852,22 +10081,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9875,14 +10104,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9890,7 +10119,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9901,18 +10130,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9920,14 +10155,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9935,7 +10170,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9946,19 +10181,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9966,7 +10201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9978,39 +10213,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10018,12 +10243,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10036,57 +10261,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10094,17 +10319,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10114,12 +10339,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10130,19 +10355,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10152,12 +10377,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10165,7 +10390,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10180,7 +10405,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10189,7 +10414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10197,7 +10422,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10207,7 +10432,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12934,10 +13159,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-u</option>,<option>--unlock</option>" -msgid "<option>-k</option>,<option>--pubkeys</option>" -msgstr "<option>-u</option>,<option>--unlock</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" +msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -13069,10 +13292,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "allowed_shells (string)" msgid "passwd_files (string)" -msgstr "allowed_shells (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -13084,17 +13305,13 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: /tmp" msgid "Default: /etc/passwd" -msgstr "Padrão: /tmp." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "ldap_group_search_base (string)" msgid "group_files (string)" -msgstr "ldap_group_search_base (string)" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -13106,10 +13323,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: /tmp" msgid "Default: /etc/group" -msgstr "Padrão: /tmp." +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -15604,6 +15819,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/pt_BR.po b/src/man/po/pt_BR.po index cec3d6ad5ad..a40026400a1 100644 --- a/src/man/po/pt_BR.po +++ b/src/man/po/pt_BR.po @@ -2,9 +2,9 @@ # Rodrigo de Araujo Sousa Fonseca <rodrigodearaujo@fedoraproject.org>, 2017. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2017-01-29 10:11+0000\n" "Last-Translator: Rodrigo de Araujo Sousa Fonseca " "<rodrigodearaujo@fedoraproject.org>\n" @@ -13,7 +13,7 @@ msgstr "" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" #. type: Content of: <reference><title> @@ -289,11 +289,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -312,16 +312,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -346,8 +346,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -362,7 +362,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -442,7 +442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -462,12 +462,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -475,39 +475,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -631,9 +631,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -825,7 +825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -901,8 +901,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -962,8 +962,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1040,7 +1040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1058,7 +1058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "" @@ -1091,11 +1091,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1104,41 +1104,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1146,23 +1146,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1170,47 +1170,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1218,112 +1218,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1334,96 +1334,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1431,59 +1431,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1492,61 +1492,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1554,7 +1554,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1563,17 +1563,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1581,31 +1581,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1615,74 +1615,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1690,19 +1690,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1710,12 +1710,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1723,80 +1723,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1807,24 +1890,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1834,22 +1917,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1857,51 +1940,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1910,24 +1993,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1938,7 +2021,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1949,24 +2032,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1974,12 +2057,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1988,24 +2071,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2015,66 +2098,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2082,17 +2165,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2100,7 +2183,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2108,22 +2191,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2132,14 +2215,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2148,38 +2231,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2188,24 +2271,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2214,29 +2297,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2250,14 +2333,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2266,39 +2349,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2307,19 +2390,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2330,151 +2413,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2482,24 +2565,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2508,17 +2591,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2527,34 +2610,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2562,7 +2645,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2570,8 +2653,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2580,8 +2663,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2589,19 +2672,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2610,7 +2693,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2618,22 +2701,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2645,7 +2728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2653,19 +2736,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2673,7 +2756,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2681,35 +2764,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2717,19 +2800,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2738,7 +2821,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2746,29 +2829,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2776,7 +2859,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2784,35 +2867,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2820,32 +2903,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2856,7 +2939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2865,12 +2948,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2878,7 +2961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2886,31 +2969,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2918,7 +3001,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2927,17 +3010,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2945,43 +3028,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2989,7 +3072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2997,7 +3080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3005,24 +3088,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3030,12 +3113,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3045,7 +3128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3054,29 +3137,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3084,7 +3167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3094,59 +3177,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3155,77 +3238,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3233,7 +3316,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3241,17 +3324,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3259,34 +3342,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3294,32 +3377,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3329,34 +3412,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3364,12 +3447,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3377,26 +3460,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3404,7 +3541,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3413,7 +3550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3421,29 +3558,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3451,12 +3588,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3465,12 +3602,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3478,19 +3615,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3507,7 +3644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3515,17 +3652,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3534,7 +3671,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3544,7 +3681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3564,12 +3701,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3577,73 +3714,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3651,17 +3788,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3670,17 +3807,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3688,17 +3825,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3706,17 +3843,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3727,64 +3864,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3814,7 +3951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3823,7 +3960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3831,7 +3968,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3980,7 +4117,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4075,123 +4212,162 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +msgid "Default: exop" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4199,113 +4375,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4314,17 +4490,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4333,17 +4509,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4352,17 +4528,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4371,17 +4547,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4390,17 +4566,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4409,17 +4585,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4427,155 +4603,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4585,7 +4761,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4593,51 +4769,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4646,24 +4822,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4671,7 +4847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4680,43 +4856,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4724,14 +4900,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4739,17 +4915,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4757,14 +4933,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4772,17 +4948,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4790,14 +4966,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4805,37 +4981,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4845,106 +5021,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4952,34 +5128,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4987,7 +5163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4997,7 +5173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5007,17 +5183,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5025,14 +5201,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5040,7 +5216,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5049,12 +5225,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5062,172 +5238,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5235,95 +5411,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5331,7 +5507,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5339,12 +5515,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5352,12 +5528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5368,12 +5544,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5382,12 +5558,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5396,34 +5572,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5431,14 +5607,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5446,17 +5622,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5466,12 +5642,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5479,17 +5655,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5497,13 +5673,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5512,7 +5688,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5520,26 +5696,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5547,7 +5723,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5555,7 +5731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5563,41 +5739,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5606,32 +5782,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5639,24 +5815,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5664,17 +5840,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5685,29 +5861,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5720,7 +5896,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5732,17 +5908,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5750,49 +5926,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5800,27 +5976,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5832,7 +6008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5840,7 +6016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5848,39 +6024,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5890,7 +6066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5898,26 +6074,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5925,7 +6101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5933,31 +6109,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5966,56 +6142,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6031,12 +6207,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6045,14 +6221,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6061,24 +6237,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6086,19 +6262,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6107,7 +6283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6115,7 +6291,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6124,7 +6300,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6132,22 +6308,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6157,14 +6333,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6177,12 +6353,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6192,7 +6368,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6202,63 +6378,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6267,74 +6443,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6345,7 +6521,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6353,24 +6529,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6385,12 +6561,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6398,208 +6574,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6607,101 +6783,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6710,111 +6886,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6823,32 +6999,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6857,22 +7033,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6881,14 +7057,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6896,7 +7072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6909,27 +7085,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6945,13 +7121,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7211,31 +7387,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7243,20 +7482,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8353,7 +8601,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8368,7 +8616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8383,12 +8631,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8409,12 +8657,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8438,17 +8686,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8456,7 +8704,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8483,7 +8731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8496,12 +8744,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8520,50 +8768,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8674,26 +8922,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8712,7 +8960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9573,24 +9821,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +msgid "Default: False (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9598,14 +9867,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9613,7 +9882,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9624,79 +9893,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9704,7 +9937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9712,7 +9945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9720,7 +9953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9732,22 +9965,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9755,7 +9988,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9763,7 +9996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9771,7 +10004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9783,22 +10016,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9806,14 +10039,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9821,7 +10054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9832,18 +10065,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9851,14 +10090,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9866,7 +10105,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9877,19 +10116,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9897,7 +10136,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9909,39 +10148,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9949,12 +10178,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9967,57 +10196,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10025,17 +10254,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10045,12 +10274,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10061,19 +10290,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10083,12 +10312,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10096,7 +10325,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10111,7 +10340,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10120,7 +10349,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10128,7 +10357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10138,7 +10367,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12845,7 +13074,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> @@ -15505,6 +15734,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/ru.po b/src/man/po/ru.po index b739fc687c4..d66bb2b7cce 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -6,9 +6,9 @@ # Artyom Kunyov <artkun@guitarplayer.ru>, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-15 12:07+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Russian (http://www.transifex.com/projects/p/sssd/language/" @@ -19,7 +19,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -294,11 +294,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -317,16 +317,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "По умолчанию: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -351,8 +351,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "По умолчанию: 10" @@ -367,7 +367,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -447,7 +447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -467,12 +467,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -480,39 +480,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -636,9 +636,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -830,7 +830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -906,8 +906,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -967,8 +967,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1045,7 +1045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1063,7 +1063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "По умолчанию: 15" @@ -1082,10 +1082,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 10" msgid "Default: 14400 (4 hours)" -msgstr "По умолчанию: 10" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1098,11 +1096,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1111,41 +1109,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "По умолчанию: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1153,23 +1151,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1177,47 +1175,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1225,112 +1223,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1341,96 +1339,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "По умолчанию: 0 (неограничено)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1438,59 +1436,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "По умолчанию: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "В настоящее время sssd поддерживает следующие значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "По умолчанию: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1499,61 +1497,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1561,7 +1559,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1570,17 +1568,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1588,31 +1586,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1622,74 +1620,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1697,19 +1695,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1717,12 +1715,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1730,82 +1728,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "По умолчанию: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1816,24 +1895,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1843,22 +1922,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1866,51 +1945,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1919,24 +1998,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1947,7 +2026,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1958,24 +2037,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1983,12 +2062,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1997,24 +2076,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2024,66 +2103,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2091,17 +2170,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2109,7 +2188,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2117,22 +2196,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2141,14 +2220,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2157,38 +2236,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2197,24 +2276,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2223,29 +2302,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "По умолчанию: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2259,14 +2338,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2275,39 +2354,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2316,19 +2395,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2339,151 +2418,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2491,24 +2570,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2517,17 +2596,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2536,34 +2615,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2571,7 +2650,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2579,8 +2658,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2589,8 +2668,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2598,19 +2677,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2619,7 +2698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2627,22 +2706,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2654,7 +2733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2662,19 +2741,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2682,7 +2761,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2690,35 +2769,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2726,19 +2805,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2747,7 +2826,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2755,29 +2834,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2785,7 +2864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2793,35 +2872,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2829,32 +2908,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2865,7 +2944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2874,12 +2953,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2887,7 +2966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2895,31 +2974,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2927,7 +3006,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2936,17 +3015,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2954,43 +3033,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2998,7 +3077,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3006,7 +3085,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3014,24 +3093,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3039,12 +3118,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3054,7 +3133,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3063,29 +3142,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3093,7 +3172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3103,59 +3182,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "По умолчанию: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "Поддерживаемые значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3164,77 +3243,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "По умолчанию: использовать доменное имя из hostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3242,7 +3321,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3250,17 +3329,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3268,34 +3347,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3303,32 +3382,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3338,34 +3417,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3373,12 +3452,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3386,26 +3465,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3413,7 +3546,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3422,7 +3555,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3430,29 +3563,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3460,12 +3593,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3474,12 +3607,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3487,19 +3620,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3516,7 +3649,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3524,17 +3657,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3543,7 +3676,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3553,7 +3686,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3573,12 +3706,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3586,73 +3719,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "По умолчанию: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "По умолчанию: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3660,17 +3793,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "По умолчанию: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3679,17 +3812,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "По умолчанию: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3697,17 +3830,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "По умолчанию: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3715,17 +3848,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3736,64 +3869,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3823,7 +3956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3832,7 +3965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3840,7 +3973,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3989,7 +4122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4084,123 +4217,164 @@ msgstr "По умолчанию: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "По умолчанию: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "пароль" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "По умолчанию: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4208,113 +4382,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "По умолчанию: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "По умолчанию: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "По умолчанию: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "По умолчанию: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4323,17 +4497,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4342,17 +4516,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4361,17 +4535,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4380,17 +4554,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "По умолчанию: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4399,17 +4573,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "По умолчанию: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4418,17 +4592,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "По умолчанию: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4436,155 +4610,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4594,7 +4768,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4602,51 +4776,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4655,24 +4829,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4680,7 +4854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4689,43 +4863,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4733,14 +4907,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4748,17 +4922,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4766,14 +4940,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4781,17 +4955,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4799,14 +4973,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4814,37 +4988,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4854,106 +5028,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4961,34 +5135,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4996,7 +5170,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5006,7 +5180,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5016,17 +5190,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5034,14 +5208,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5049,7 +5223,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5058,12 +5232,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5071,172 +5245,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5244,95 +5418,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5340,7 +5514,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5348,12 +5522,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5361,12 +5535,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5377,12 +5551,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5391,12 +5565,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5405,34 +5579,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5440,14 +5614,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5455,17 +5629,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5475,12 +5649,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5488,17 +5662,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5506,13 +5680,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5521,7 +5695,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5529,26 +5703,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5556,7 +5730,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5564,7 +5738,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5572,41 +5746,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5615,32 +5789,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5648,24 +5822,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5673,17 +5847,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5694,29 +5868,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5729,7 +5903,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5741,17 +5915,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5759,49 +5933,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5809,27 +5983,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5841,7 +6015,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5849,7 +6023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5857,39 +6031,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5899,7 +6073,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5907,26 +6081,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5934,7 +6108,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5942,31 +6116,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5975,56 +6149,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6040,12 +6214,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6054,14 +6228,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6070,24 +6244,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6095,19 +6269,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6116,7 +6290,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6124,7 +6298,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6133,7 +6307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6141,22 +6315,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6166,14 +6340,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6186,12 +6360,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6201,7 +6375,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6211,63 +6385,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6276,74 +6450,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6354,7 +6528,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6362,24 +6536,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6394,12 +6568,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6407,208 +6581,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6616,101 +6790,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6719,111 +6893,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6832,32 +7006,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6866,22 +7040,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6890,14 +7064,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "ПРИМЕР" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6905,7 +7079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6918,27 +7092,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6954,13 +7128,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7220,31 +7394,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7252,20 +7489,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8362,7 +8608,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8377,7 +8623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8392,12 +8638,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8418,12 +8664,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8447,17 +8693,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8465,7 +8711,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8492,7 +8738,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8505,12 +8751,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8529,50 +8775,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8683,26 +8929,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8721,7 +8967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9582,24 +9828,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: false" +msgid "Default: False (seconds)" +msgstr "По умолчанию: false" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9607,14 +9876,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9622,7 +9891,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9633,79 +9902,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9713,7 +9946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9721,7 +9954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9729,7 +9962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9741,22 +9974,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9764,7 +9997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9772,7 +10005,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9780,7 +10013,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9792,22 +10025,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9815,14 +10048,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9830,7 +10063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9841,18 +10074,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9860,14 +10099,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9875,7 +10114,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9886,19 +10125,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9906,7 +10145,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9918,39 +10157,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9958,12 +10187,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9976,57 +10205,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10034,17 +10263,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10054,12 +10283,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10070,19 +10299,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10092,12 +10321,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10105,7 +10334,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10120,7 +10349,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10129,7 +10358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10137,7 +10366,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10147,7 +10376,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12854,7 +13083,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> @@ -13000,10 +13229,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: gecos" msgid "Default: /etc/passwd" -msgstr "По умолчанию: gecos" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 @@ -13020,10 +13247,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: gecos" msgid "Default: /etc/group" -msgstr "По умолчанию: gecos" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -15518,6 +15743,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index dfc52d1a505..f032188f8b7 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.3\n" +"Project-Id-Version: sssd-docs 1.16.4\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -254,7 +254,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -271,12 +271,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 +#: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" @@ -299,7 +299,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -314,7 +314,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -395,7 +395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -415,12 +415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -429,39 +429,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -585,7 +585,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 include/ldap_id_mapping.xml:216 msgid "Default: not set" msgstr "" @@ -772,7 +772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -847,7 +847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -907,7 +907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -985,7 +985,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1003,7 +1003,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "" @@ -1036,11 +1036,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1049,39 +1049,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1089,22 +1089,22 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 sssd-krb5.5.xml:539 include/override_homedir.xml:59 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1112,46 +1112,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in " "<quote>/etc/shells</quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in " "<quote>/etc/shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1159,56 +1159,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the " "machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during " "lookup. This option can be specified globally in the [nss] section or " @@ -1216,57 +1216,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1278,96 +1278,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1375,59 +1375,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1436,61 +1436,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1498,7 +1498,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a " @@ -1508,17 +1508,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1526,7 +1526,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -1534,24 +1534,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting " "<emphasis>pwd_expiration_warning</emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1561,72 +1561,72 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1634,19 +1634,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1654,12 +1654,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1667,78 +1667,160 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards " +"(e.g. <quote>login</quote>) with a custom PAM service name " +"(e.g. <quote>my_pam_service</quote>), you would use the following " +"configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> " @@ -1750,24 +1832,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1778,22 +1860,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1801,51 +1883,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1855,24 +1937,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1883,7 +1965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1894,24 +1976,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1919,12 +2001,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1933,24 +2015,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> " @@ -1961,66 +2043,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording " "enabled. Matches user names as returned by NSS. I.e. after the possible " @@ -2028,17 +2110,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2046,7 +2128,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2054,22 +2136,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2078,14 +2160,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2094,38 +2176,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -2134,24 +2216,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2160,29 +2242,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2196,14 +2278,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2212,39 +2294,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2253,19 +2335,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2276,150 +2358,150 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the " "cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2427,24 +2509,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2453,17 +2535,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2472,34 +2554,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> " "<refentrytitle>sssd-files</refentrytitle> <manvolnum>5</manvolnum> " @@ -2508,7 +2590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2516,7 +2598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2525,7 +2607,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -2533,19 +2615,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2554,7 +2636,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2562,22 +2644,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2589,7 +2671,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2597,19 +2679,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2617,7 +2699,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -2625,34 +2707,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2660,19 +2742,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -2681,7 +2763,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> " @@ -2690,29 +2772,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -2721,7 +2803,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -2729,34 +2811,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2764,31 +2846,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2799,7 +2881,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2808,12 +2890,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2821,7 +2903,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2830,31 +2912,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2863,7 +2945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2872,17 +2954,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2890,41 +2972,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -2932,7 +3014,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -2940,7 +3022,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -2948,24 +3030,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2974,12 +3056,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -2989,7 +3071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: " "<quote>(((?P<domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> " @@ -2997,29 +3079,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3027,7 +3109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3037,59 +3119,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is " @@ -3098,76 +3180,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3175,7 +3257,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3183,17 +3265,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3201,34 +3283,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3236,32 +3318,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3271,32 +3353,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3304,12 +3386,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3317,26 +3399,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder " +"type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3344,7 +3480,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3353,7 +3489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -3362,29 +3498,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3392,12 +3528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3406,12 +3542,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3419,19 +3555,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> " @@ -3449,7 +3585,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3457,17 +3593,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3476,7 +3612,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3486,7 +3622,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3506,12 +3642,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3519,73 +3655,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3593,17 +3729,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3612,17 +3748,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3630,17 +3766,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3648,17 +3784,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called " @@ -3669,64 +3805,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3756,7 +3892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3765,7 +3901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3773,7 +3909,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3921,7 +4057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 sss_override.8.xml:137 sss_override.8.xml:234 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4015,123 +4151,162 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +msgid "Default: exop" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the " @@ -4139,113 +4314,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4254,17 +4429,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4273,17 +4448,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4292,17 +4467,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4311,17 +4486,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -4330,17 +4505,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4350,17 +4525,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4368,155 +4543,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4527,7 +4702,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4535,51 +4710,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>phone</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4588,24 +4763,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4613,7 +4788,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4622,42 +4797,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4665,14 +4840,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>authorized_service</quote> in order " @@ -4680,17 +4855,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4698,14 +4873,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>host</quote> in order for the " @@ -4713,17 +4888,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4731,14 +4906,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>rhost</quote> in order for the " @@ -4746,37 +4921,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4786,106 +4961,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4893,34 +5068,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " @@ -4928,7 +5103,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -4938,7 +5113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -4948,17 +5123,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4966,14 +5141,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4981,7 +5156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink " @@ -4990,12 +5165,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5003,265 +5178,265 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5269,7 +5444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5277,12 +5452,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5290,12 +5465,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -5306,12 +5481,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5320,12 +5495,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5334,34 +5509,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single " "request. Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5369,7 +5544,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use " @@ -5377,7 +5552,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5385,17 +5560,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5405,12 +5580,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5418,17 +5593,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5436,12 +5611,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5450,7 +5625,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5458,26 +5633,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5485,7 +5660,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5493,7 +5668,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5501,41 +5676,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5544,32 +5719,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5577,24 +5752,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5602,17 +5777,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5623,29 +5798,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5658,7 +5833,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5670,17 +5845,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5688,49 +5863,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5738,27 +5913,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of " @@ -5770,7 +5945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5778,7 +5953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -5787,39 +5962,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5829,7 +6004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " @@ -5838,26 +6013,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -5866,7 +6041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5874,31 +6049,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5907,56 +6082,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5973,12 +6148,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5987,14 +6162,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6003,24 +6178,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6028,19 +6203,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6049,7 +6224,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -6057,7 +6232,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6066,7 +6241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>expire</quote> in order for the " @@ -6074,22 +6249,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6099,7 +6274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the " "<quote>ppolicy</quote> option and might be removed in a future release. " @@ -6107,7 +6282,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6120,12 +6295,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6135,7 +6310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6145,38 +6320,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control " @@ -6184,24 +6359,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6210,74 +6385,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6288,7 +6463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6296,24 +6471,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6328,12 +6503,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6341,208 +6516,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval " "</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6550,100 +6725,100 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6652,112 +6827,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise " "automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder " "type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" " @@ -6767,32 +6942,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6801,22 +6976,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6825,12 +7000,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:103 sssd-session-recording.5.xml:144 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6838,7 +7013,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6851,24 +7026,24 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 sssd-files.5.xml:110 sssd-session-recording.5.xml:150 include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 sssd-files.5.xml:110 sssd-session-recording.5.xml:150 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6884,12 +7059,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7153,31 +7328,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> " -"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " -"to tell the Kerberos libraries what Realm and which KDC to use. Typically " -"this is done in <citerefentry> <refentrytitle>krb5.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> which is always read by the " -"Kerberos libraries. To simplify the configuration the Realm and the KDC can " -"be defined in <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " -"</citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable " +"it. But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify " +"read-write KDCs. If this file exists for the given realm the content will be " +"used by the plugin to reply to requests for a kpasswd or kadmin server or " +"for the MIT Kerberos specific master KDC. If the address contains a port " +"number the default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7185,20 +7423,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8295,7 +8542,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8310,7 +8557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8325,12 +8572,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8351,12 +8598,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8380,17 +8627,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8398,7 +8645,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8426,7 +8673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8439,12 +8686,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8463,50 +8710,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8617,26 +8864,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8654,7 +8901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9515,24 +9762,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed " +"access. When this option is set to True users will be allowed access only " +"when explicitly allowed by a GPO rule. Otherwise users will be denied " +"access. This can be used to harden security but be careful when using this " +"option because it can deny access even to users in the built-in " +"Administrators group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +msgid "Default: False (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9540,14 +9808,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9555,7 +9823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9566,78 +9834,43 @@ msgid "" "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9645,7 +9878,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9653,7 +9886,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9661,7 +9894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9673,22 +9906,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9696,7 +9929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9704,7 +9937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9712,7 +9945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9724,22 +9957,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9747,14 +9980,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9762,7 +9995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9773,18 +10006,23 @@ msgid "" "configuration: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9792,14 +10030,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9807,7 +10045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using " "<quote>+service_name</quote>. Since the default set is empty, it is not " @@ -9818,19 +10056,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9838,7 +10076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9850,39 +10088,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9890,12 +10118,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9908,57 +10136,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -9966,17 +10194,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal " "task. The option expects 2 integers separated by a colon (':'). The first " @@ -9986,12 +10214,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10002,19 +10230,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10024,12 +10252,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -10037,7 +10265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10052,7 +10280,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10061,7 +10289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10069,7 +10297,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10079,7 +10307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12803,7 +13031,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> @@ -15479,6 +15707,26 @@ msgid "" "cannot be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/sv.po b/src/man/po/sv.po index 61f0c024593..cf7494bff44 100644 --- a/src/man/po/sv.po +++ b/src/man/po/sv.po @@ -1,17 +1,17 @@ # Göran Uddeborg <goeran@uddeborg.se>, 2018. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" -"PO-Revision-Date: 2018-06-07 08:25+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" +"PO-Revision-Date: 2018-07-31 12:14+0000\n" "Last-Translator: Göran Uddeborg <goeran@uddeborg.se>\n" "Language-Team: Swedish\n" "Language: sv\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" #. type: Content of: <reference><title> @@ -202,15 +202,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 -#, fuzzy -#| msgid "" -#| "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -#| "(<quote>;</quote>). Inline comments are not supported." msgid "" "A comment line starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>). Inline comments are not supported." msgstr "" -"En radkommentar börjar med ett nummertecken (<quote>#</quote>) eller ett " +"En kommentarsrad börjar med ett nummertecken (<quote>#</quote>) eller ett " "semikolon (<quote>;</quote>). Kommentarer inom raden stödjs inte." #. type: Content of: <reference><refentry><refsect1><para> @@ -345,11 +341,11 @@ msgstr "" "aktiverat för SSSD-felsökningsloggning igoreras denna flagga." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Standard: true" @@ -370,30 +366,30 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Standard: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" -msgstr "" +msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:155 msgid "Options usable in SERVICE and DOMAIN sections" -msgstr "" +msgstr "Flaggor användbara i sektionerna SERVICE och DOMAIN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:159 msgid "timeout (integer)" -msgstr "" +msgstr "timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:162 @@ -402,32 +398,35 @@ msgid "" "ensure that the process is alive and capable of answering requests. Note " "that after three missed heartbeats the process will terminate itself." msgstr "" +"Tidsgräns i sekunder mellan hjärtslag för denna tjänst. Detta används för " +"att säkerställa att processen lever och kan svara på begäranden. Observera " +"att efter tre missade hjärtslag kommer processen avsluta sig själv." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" -msgstr "" +msgstr "Standard: 10" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:179 msgid "SPECIAL SECTIONS" -msgstr "" +msgstr "SPECIALSEKTIONER" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:182 msgid "The [sssd] section" -msgstr "" +msgstr "Sektionen [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" -msgstr "" +msgstr "Sektionsparametrar" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:193 msgid "config_file_version (integer)" -msgstr "" +msgstr "config_file_version (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:196 @@ -435,11 +434,13 @@ msgid "" "Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " "version 2." msgstr "" +"Indikerar vilken syntaxen är i konfigurationsfilen. SSSD 0.6.0 och senare " +"använder version 2." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:202 msgid "services" -msgstr "" +msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:205 @@ -449,6 +450,10 @@ msgid "" "platforms where systemd is supported, as they will either be socket or D-Bus " "activated when needed. </phrase>" msgstr "" +"Kommaseparerad lista av tjänster som startas när sssd själv startas. " +"<phrase condition=\"have_systemd\"> Tjänstelistan är frivillig på " +"plattformar där systemd stödjs, eftersom de antingen kommer vara uttags- " +"eller D-Bus-aktiverade vid behov. </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:214 @@ -458,6 +463,10 @@ msgid "" "\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</" "phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" msgstr "" +"Tjänster som stödjs: nss, pam <phrase condition=\"with_sudo\">, sudo</" +"phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " +"condition=\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder" +"\">, pac</phrase> <phrase condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:222 @@ -466,11 +475,14 @@ msgid "" "and the administrator must enable the ones allowed to be used by executing: " "\"systemctl enable sssd-@service@.socket\". </phrase>" msgstr "" +"<phrase condition=\"have_systemd\"> Som standard är alla tjänster " +"avaktiverade och administratören måste aktivera de tillåtna genom att köra: " +"”systemctl enable sssd-@service@.socket\". </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:231 sssd.conf.5.xml:614 msgid "reconnection_retries (integer)" -msgstr "" +msgstr "reconnection_retries (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:234 sssd.conf.5.xml:617 @@ -478,16 +490,18 @@ msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" +"Antal gånger som tjänster skall försöka återansluta i händelse av en " +"dataleverantörkrasch eller starta om innan de ger upp" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:239 sssd.conf.5.xml:622 msgid "Default: 3" -msgstr "" +msgstr "Standard: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:244 msgid "domains" -msgstr "" +msgstr "domains" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:247 @@ -498,11 +512,17 @@ msgid "" "them to be queried. A domain name should only consist of alphanumeric ASCII " "characters, dashes, dots and underscores." msgstr "" +"En domän är en databas som innehåller användarinformation. SSSD kan använda " +"flera domäner på samma gång, men åtminstone en måste vara konfigurerad, " +"annars kommer inte SSSD starta. Denna parameter beskriver listan av domäner " +"i den ordning du vill att de skall tillfrågas. Ett domännamn skall endast " +"bestå av alfanumeriska ASCII-tecken, bindestreck, punkter och " +"understrykningstecken." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" -msgstr "" +msgstr "re_expression (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:262 @@ -510,6 +530,8 @@ msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" +"Reguljärt standarduttryck som beskriver hur man skall tolka strängen som " +"innehåller användarnamnet och domänen in i dessa komponenter." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:267 @@ -518,58 +540,67 @@ msgid "" "ID providers there are also default regular expressions. See DOMAIN SECTIONS " "for more info on these regular expressions." msgstr "" +"Varje domän kan ha ett eget reguljärt uttryck konfigurerat. Får några ID-" +"leverantörer finns det också reguljära standarduttryck. Se DOMÄNSEKTIONER " +"för mer information om dessa reguljära uttryck." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" -msgstr "" +msgstr "full_name_format (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " "fully qualified name from user name and domain name components." msgstr "" +"Ett <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" +"manvolnum> </citerefentry>-kompatibelt format som beskriver hur man sätter " +"samman ett fullständigt kvalificerat namn från namn- och domänkomponenter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" -msgstr "" +msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" -msgstr "" +msgstr "användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" -msgstr "" +msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." -msgstr "" +msgstr "domännamn som det anges i SSSD-konfigurationsfilen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" -msgstr "" +msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" +"platt domännamn. Huvudsakligen användbart för Active Directory-domäner, " +"både direkt konfigurerade eller hittade via IPA-förtroenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" +"Följande utvidgningar stödjs: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:316 @@ -577,11 +608,14 @@ msgid "" "Each domain can have an individual format string configured. see DOMAIN " "SECTIONS for more info on this option." msgstr "" +"Varje domän kan ha en egen formatsträng konfigurerad. Får några ID-" +"leverantörer finns det också reguljära standarduttryck. Se DOMÄNSEKTIONER " +"för mer information om detta alternativ." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:322 msgid "try_inotify (boolean)" -msgstr "" +msgstr "try_inotify (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:325 @@ -591,6 +625,10 @@ msgid "" "this, and will fall back to polling resolv.conf every five seconds if " "inotify cannot be used." msgstr "" +"SSSD övervakar tillståndet hos resolv.conf för att identifiera när den " +"behöver uppdatera sin interna DNS-uppslagning. Som standard kommer vi " +"försöka använda inotify till detta, och kommer falla tillbaka på att polla " +"resolv.conf var femte sekund om inotify inte kan användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:333 @@ -599,6 +637,9 @@ msgid "" "even trying to use inotify. In these rare cases, this option should be set " "to 'false'" msgstr "" +"Det finns vissa situationer när det är att föredra att vi skall hoppa över " +"att ens försöka att använda inotify. I dessa sällsynta fall skall detta " +"alternativ sättas till ”false”" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:339 @@ -606,6 +647,8 @@ msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" +"Standard: true på plattformar där inotify stödjs. False på andra " +"plattformar." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:343 @@ -613,11 +656,13 @@ msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" +"Obs: detta alternativ kommer inte ha någon effekt på plattformar där inotify " +"inte är tillgängligt. På dessa plattformar kommer pollning alltid användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:350 msgid "krb5_rcache_dir (string)" -msgstr "" +msgstr "krb5_rcache_dir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:353 @@ -625,6 +670,8 @@ msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" +"Katalog i filsystemet där SSSD skall spara Kerberos-cachefiler för " +"återuppspelning." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:357 @@ -632,6 +679,9 @@ msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" +"Detta alternativ godtar ett specialvärde __LIBKRB5_DEFAULTS__ som kommer " +"instruera SSSD att låta libkrb5 bestämma den lämpliga platsen för " +"cachefilerna för återuppspelning." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:363 @@ -639,11 +689,13 @@ msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" +"Standard: distributionsspecifikt och anges vid byggtillfället. " +"(__LIBKRB5_DEFAULTS__ om inte konfigurerat)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:370 msgid "user (string)" -msgstr "" +msgstr "user (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:373 @@ -657,16 +709,25 @@ msgid "" "permissions may result in a non-usable SSSD. The same may occur in case of " "changes of the user running the NSS responder. </phrase>" msgstr "" +"Användaren att släppa privilegierna till där det är tillämpligt för att " +"undvika att köra som användaren root. <phrase condition=\"have_systemd" +"\">Detta alternativ fungerar vid körning som uttagsaktiverade tjänster, " +"eftersom användaren som anges för att köra processerna anges vid " +"kompileringstillfället. Sättet att åsidosätta systemd unit-filerna är genom " +"att skapa de tillämpliga i /etc/systemd/system/. Kom ihåg att eventuella " +"ändringar av uttagets användare, grupp eller rättigheter kan resultera i en " +"oanvändbar SSSD. Samma sak kan hända vid ändring av användaren som kör NSS-" +"respondenten.</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:391 msgid "Default: not set, process will run as root" -msgstr "" +msgstr "Standard: inte angivet, processer kommer köra som root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:396 msgid "default_domain_suffix (string)" -msgstr "" +msgstr "default_domain_suffix (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:399 @@ -677,6 +738,11 @@ msgid "" "trusted domain. The option allows those users to log in just with their " "user name without giving a domain name as well." msgstr "" +"Strängen kommmer användas som ett standardnamn för domänen för alla namn " +"utan en domännamnsdel. Det huvudsakliga användningsfallet är miljöer där " +"primärdomänen är avsedd för hantering av värdpolicyer och alla användare är " +"placerade i en betrodd domän. Alternativet låter dessa användare att logga " +"in med bara sitt användarnamn utan att ange ett domännamn dessutom." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:409 @@ -687,22 +753,28 @@ msgid "" "is not allowed to use this option together with use_fully_qualified_names " "set to False." msgstr "" +"Observera att om detta alternativ anges måste alla användare från den " +"primära domänen använda sitt fullständigt kvalificerade namn, t.ex. " +"användare@domän.namn, för att logga in. Att ange detta alternativ ändrar " +"standardet på use_fully_qualified_names till True. Det är inte tillåtet att " +"använda detta alternativ tillsammans med use_fully_qualified_names satt " +"till False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 #: include/ldap_id_mapping.xml:216 msgid "Default: not set" -msgstr "" +msgstr "Standard: inte satt" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:423 msgid "override_space (string)" -msgstr "" +msgstr "override_space (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:426 @@ -713,6 +785,11 @@ msgid "" "scripts that have difficulty handling spaces, due to the default field " "separator in the shell." msgstr "" +"Denna parameter kommer ersätta blanksteg (mellanslag) med det angivna " +"tecknet i användar- och gruppnamn, t.ex. (_). Användarnamnet "sven " +"svensson" blir "sven_svensson" Denna funktion lades till för " +"att hjälpa till med kompatibiliteten med skalskript som har svårigheter att " +"hantera blanka, på grund av att det är standardfältsepearatorn i skalet." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:435 @@ -722,21 +799,25 @@ msgid "" "character SSSD tries to return the unmodified name but in general the result " "of a lookup is undefined." msgstr "" +"Observera att det är ett konfigurationsfel att använda ett ersättningstecken " +"som kan användas i användar- eller gruppnamn. Om ett namn innehåller " +"ersättningstecknet försöker SSSD att returnera det omodifierade namnet men i " +"allmänhet är resultatet av en uppslagning odefinierat." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:443 msgid "Default: not set (spaces will not be replaced)" -msgstr "" +msgstr "Default: not set (blanka kommer inte ersättas)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:448 msgid "certificate_verification (string)" -msgstr "" +msgstr "certificate_verification (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:456 msgid "no_ocsp" -msgstr "" +msgstr "no_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:458 @@ -745,11 +826,14 @@ msgid "" "needed if the OCSP servers defined in the certificate are not reachable from " "the client." msgstr "" +"Avaktiverar kontroller enligt Online Certificate Status Protocol (OCSP). " +"Detta kan behövas om OCSP-servrarna som definieras i certifikatet inte är " +"nåbara från klienten." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:466 msgid "no_verification" -msgstr "" +msgstr "no_verification" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:468 @@ -757,11 +841,13 @@ msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" +"Avaktiverar helt verifiering. Detta alternativ skall endast användas för " +"testning." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:474 msgid "ocsp_default_responder=URL" -msgstr "" +msgstr "ocsp_default_responder=URL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:476 @@ -770,17 +856,22 @@ msgid "" "mentioned in the certificate. URL must be replaced with the URL of the OCSP " "default responder e.g. http://example.com:80/ocsp." msgstr "" +"Anger standard-OCSP-respondent som skall användas istället för den som nämns " +"i certifikatet. URL:en måste ersättas med URL:en till standard-OCSP-" +"respondenten t.ex. http://example.com:80/ocsp." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:482 +#, fuzzy +#| msgid "This option must be used together with ocsp_default_responder." msgid "" "This option must be used together with ocsp_default_responder_signing_cert." -msgstr "" +msgstr "Detta alternativ måste anges tillsammans med ocsp_default_responder." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:490 msgid "ocsp_default_responder_signing_cert=NAME" -msgstr "" +msgstr "ocsp_default_responder_signing_cert=NAMN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:492 @@ -793,7 +884,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:497 msgid "This option must be used together with ocsp_default_responder." -msgstr "" +msgstr "Detta alternativ måste anges tillsammans med ocsp_default_responder." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:451 @@ -802,21 +893,24 @@ msgid "" "separated list of options. Supported options are: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"Med denna parameter kan verifieringen av certifikatet justeras med en " +"kommaseparerad lista av alternativ. Alternativ som stödjs är <placeholder " +"type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:504 msgid "Unknown options are reported but ignored." -msgstr "" +msgstr "Okända alternativ rapporteras men ignoreras." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:507 msgid "Default: not set, i.e. do not restrict certificate verification" -msgstr "" +msgstr "Standard: inte satt, d.v.s begränsa inte certifikatverifieringen" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:513 msgid "disable_netlink (boolean)" -msgstr "" +msgstr "disable_netlink (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:516 @@ -824,6 +918,8 @@ msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" +"SSSD-hakar in i netlink-gränssnittet för att övervaka förändringar av " +"rutter, adresser, länkar och utlösa vissa åtgärder." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:521 @@ -831,16 +927,18 @@ msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" +"Förändringar av SSSD-tillståndet från netlink-händelser kan vara opålitliga " +"och kan avaktiveras genom att sätta detta alternativ till ”true”" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:526 msgid "Default: false (netlink changes are detected)" -msgstr "" +msgstr "Standard: false (netlink-förändringar detekteras)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:531 msgid "enable_files_domain (boolean)" -msgstr "" +msgstr "enable_files_domain (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:534 @@ -848,11 +946,13 @@ msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" +"När detta alternativ är aktiverat skjuter SSSD in en implicit domän med " +"<quote>id_provider=files</quote> före några explicit konfigurerade domäner." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:548 msgid "domain_resolution_order" -msgstr "" +msgstr "domain_resolution_order" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:551 @@ -864,6 +964,12 @@ msgid "" "subdomains which are not listed as part of <quote>lookup_order</quote> will " "be looked up in a random order for each parent domain." msgstr "" +"Kommaseparerad lista av domäner och underdomäner som representerar ordningen " +"av uppslagningar skall följa. Listan behöver inte innehålla alla möjliga " +"domäner eftersom de saknade domänerna kommer slås upp baserat på ordningen " +"de presenteras i i konfigurationsalternativet <quote>domains</quote>. " +"Underdomäner som inte är listade som den del av <quote>lookup_order</quote> " +"kommer slås upp i en slumpvis ordning för varje föräldradomän." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:563 @@ -881,12 +987,25 @@ msgid "" "shortnames, making this workaround totally not recommended in cases where " "usernames may overlap between domains." msgstr "" +"Observera att när detta alternativ är satt är alltid utmatningsformatet för " +"alla kommandon helt kvalificerat även när kortnamn används för indata, för " +"alla användare utom de som hanteras av filleverantörer. Ifall " +"administratören vill att utdata inte skall vara fullständigt kvalificerat " +"kan alternativet full_name_format anges som visas nedan: " +"<quote>full_name_format=%1$s</quote> Kom dock ihåg att under inloggningen " +"kanoniserar inloggningsprogram ofta användarnamnet genom att anropa " +"<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</" +"manvolnum> </citerefentry> som, om ett kortnamn returneras för en " +"kvalificerad inmatning (vid försök att nå en användare som finns i flera " +"domäner) kan dirigera om inloggningsförsöket till domänen som använder " +"kortnamn, vilket gör att denna metod absolut inte rekommenderas i fall där " +"användarnamn kan överlappa mellan domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" -msgstr "" +msgstr "Standard: inte satt" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:184 @@ -898,11 +1017,17 @@ msgid "" "some other important options like the identity domains. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"Enskilda delar av SSSD-funktionalitet tillhandahålls av speciella SSSD-" +"tjänster som startas och stoppas tillsammans med SSSD. Tjänsterna hanteras " +"av en speciell tjänst som ofta kallas <quote>monitor</quote>. Sektionen " +"<quote>[sssd]</quote> används för att konfigurerara övervakaren såväl som " +"andra viktiga alternativ som identitetsdomänerna. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:599 msgid "SERVICES SECTIONS" -msgstr "" +msgstr "TJÄNSTESEKTIONER" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:601 @@ -912,21 +1037,25 @@ msgid "" "section, for example, for NSS service, the section would be <quote>[nss]</" "quote>" msgstr "" +"Inställningar som kan användas för att konfigurera olika tjänster beskrivs i " +"detta avsnitt. De skall ligga i sektionen [<replaceable>$NAME</" +"replaceable>], till exempel, för tjänsten NSS skulle sektionen vara " +"<quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:608 msgid "General service configuration options" -msgstr "" +msgstr "Allmänna alternativ för tjänstekonfiguration" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:610 msgid "These options can be used to configure any service." -msgstr "" +msgstr "Dessa alternativ kan användas för att konfigurera alla tjänster." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:627 msgid "fd_limit" -msgstr "" +msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:630 @@ -937,16 +1066,21 @@ msgid "" "systems without this capability, the resulting value will be the lower value " "of this or the limits.conf \"hard\" limit." msgstr "" +"Detta alternativ anger det maximala antalet filbeskrivare som kan öppnas på " +"en gång av denna SSSD-process. P system där SSSD ges förmågan " +"CAP_SYS_RESOURCE kommer detta vara en absolut inställning. På system utan " +"denna förmåga kommer det reulterande värdet vara det lägre av detta värde " +"och den ”hårda” gränsen i limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:639 msgid "Default: 8192 (or limits.conf \"hard\" limit)" -msgstr "" +msgstr "Standard: 8192 (eller den ”hårda” gränsen i limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:644 msgid "client_idle_timeout" -msgstr "" +msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:647 @@ -957,17 +1091,22 @@ msgid "" "can't be shorter than 10 seconds. If a lower value is configured, it will be " "adjusted to 10 seconds." msgstr "" +"Detta alternativ anger antalet sekunder som en klient till en SSSD-process " +"kan hålla fast i en filbeskrivare utan att kommunincera över den. Detta " +"värde är begränsat för att undvika att resurserna på systemet tar slut. " +"Tidsgränsen kan inte vara kortare än 10 sekunder. Om ett lägre värde " +"konfigureras kommer det att justeras till 10 sekunder." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" -msgstr "" +msgstr "Standard: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:661 msgid "offline_timeout (integer)" -msgstr "" +msgstr "offline_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:664 @@ -976,11 +1115,14 @@ msgid "" "back online will increase based upon the time spent disconnected. This " "value is in seconds and calculated by the following:" msgstr "" +"När SSSD byter till frånkopplat läge, tiden före den försöker gå tillbaka " +"till uppkopplat läge kommer öka baserat på tiden tillbringad frånkopplad. " +"Detta värde är i sekunder och beräknas enligt följande:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:671 msgid "offline_timeout + random_offset" -msgstr "" +msgstr "offline_timeout + slumptillägg" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:674 @@ -988,11 +1130,13 @@ msgid "" "The random offset can increment up to 30 seconds. After each unsuccessful " "attempt to go online, the new interval is recalculated by the following:" msgstr "" +"Slumptillägget kan öka upp till 30 sekunder. Efter varje misslyckat försöka " +"att koppla upp kalkyleras det nya intervallet om enligt följande:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:679 msgid "new_interval = old_interval*2 + random_offset" -msgstr "" +msgstr "nytt_intervall = gammalt_intervall·2 + slumptillägg" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:682 @@ -1001,11 +1145,14 @@ msgid "" "hour. If the calculated length of new_interval is greater than an hour, it " "will be forced to one hour." msgstr "" +"Observera att den maximala längden på varje intervall för närvarande är " +"begränsat till en timma. Om den beräknade längden av nytt_intervall är " +"större än en timma kommer det att tvingas tillbaka till en timma." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:693 msgid "responder_idle_timeout" -msgstr "" +msgstr "responder_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:696 @@ -1018,17 +1165,24 @@ msgid "" "built with systemd support and when services are either socket or D-Bus " "activated." msgstr "" +"Detta alternativ anger antalet sekunder som en SSSD-respondentprocess kan " +"vara uppe utan att användas. Detta värde är begränsat för att undvika att " +"resurserna på systemet tar slut. Det minsta acceptabla värdet för detta " +"alternativ är 60 sekunder. Att sätta detta alternativ till 0 (noll) betyder " +"att ingen tidsgräns kommer att sättas av respondenten. Detta alternativ har " +"bara effekt när SSSD är byggt med stöd för systemd och när tjänster är " +"antingen uttags- eller D-Bus-aktiverade." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" -msgstr "" +msgstr "Standard: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:715 msgid "cache_first" -msgstr "" +msgstr "cache_first" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:718 @@ -1036,22 +1190,26 @@ msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" +"Detta alternativ anger huruvida respondenten skall fråga alla cachar före " +"den frågar dataleverantörerna." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:730 msgid "NSS configuration options" -msgstr "" +msgstr "NSS-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:732 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" +"Dessa alternativ kan användas för att konfigurera tjänsten Name Service " +"Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:737 msgid "enum_cache_timeout (integer)" -msgstr "" +msgstr "enum_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:740 @@ -1059,16 +1217,18 @@ msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" +"Hur många sekunder skall nss_sss cacha uppräkningar (begäranden för " +"information om alla användare)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:744 msgid "Default: 120" -msgstr "" +msgstr "Standard: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:749 msgid "entry_cache_nowait_percentage (integer)" -msgstr "" +msgstr "entry_cache_nowait_percentage (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:752 @@ -1077,6 +1237,9 @@ msgid "" "if they are requested beyond a percentage of the entry_cache_timeout value " "for the domain." msgstr "" +"Cachen över poster kan ställas in att automatiskt uppdatera poster i " +"bakgrunden om de begärs utöver en procentsats av värdet entry_cache_timeout " +"för domänen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:758 @@ -1087,6 +1250,11 @@ msgid "" "but the SSSD will go and update the cache on its own, so that future " "requests will not need to block waiting for a cache update." msgstr "" +"Till exempel, om domänens entry_cache_timeout är satt till 30 s och " +"entry_cache_nowait_percentage är satt till 50 (procent) kommer poster som " +"kommer in 15 sekunder efter den sista cacheuppdateringen returneras " +"omedelbart, men SSSD kommer att ta och uppdatera cachen på egen hand, så att " +"framtida begäranden kommer behöva blockera i väntan på en cacheuppdatering." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:768 @@ -1096,16 +1264,20 @@ msgid "" "percentage will never reduce the nowait timeout to less than 10 seconds. (0 " "disables this feature)" msgstr "" +"Giltiga värden för detta alternativ är 0-99 och representerar en procentsats " +"av entry_cache_timeout för varje domän. Av prestandaskäl kommer denna " +"procentsats aldrig reducera nowait-tidsgränser till mindre än 10 sekunder. " +"(0 avaktiverar denna funktion)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" -msgstr "" +msgstr "Standard: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:781 msgid "entry_negative_timeout (integer)" -msgstr "" +msgstr "entry_negative_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:784 @@ -1114,16 +1286,19 @@ msgid "" "(that is, queries for invalid database entries, like nonexistent ones) " "before asking the back end again." msgstr "" +"Anger hur många sekunder nss_sss cachar negativa cacheträffar (det vill " +"säga, frågor om ogiltiga databasposter, som sådana som inte finns) innan " +"bakänden tillfrågas igen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" -msgstr "" +msgstr "Standard: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:795 msgid "local_negative_timeout (integer)" -msgstr "" +msgstr "local_negative_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:798 @@ -1132,256 +1307,311 @@ msgid "" "negative cache before trying to look it up in the back end again. Setting " "the option to 0 disables this feature." msgstr "" +"Anger hur många sekunder nss_sss skall hålla lokala användare och grupper i " +"en negativ cache före den försöker slå upp dem i bakänden igen. Att ställa " +"in alternativet till 0 avaktiverar denna funktion." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 msgid "Default: 14400 (4 hours)" -msgstr "" +msgstr "Standard: 14400 (4 timmar)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 msgid "filter_users, filter_groups (string)" -msgstr "" +msgstr "filter_users, filter_groups (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:812 +#, fuzzy +#| msgid "" +#| "Exclude certain users or groups from being fetched from the sss NSS " +#| "database. This is particularly useful for system accounts. This option " +#| "can also be set per-domain or include fully-qualified names to filter " +#| "only users from the particular domain." msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" +"Uteslut vissa användare eller grupper från att hämtas från sss NSS-" +"databasen. Detta är särskilt användbart för systemkonton. Detta alternativ " +"kan också anges per domän eller inkludera fullständigt kvalificerade namn " +"för att filtrera endast användare från den angivna domänen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " "NSS. E.g. a group having a member group filtered out will still have the " "member users of the latter listed." msgstr "" +"OBS: alternativet filter_groups påverkar inte arvet av nästade " +"gruppmedlemmar, eftersom filtrering sker efter att de propagerats för att " +"returnera via NSS. T.ex. en grupp som har en medlemsgrupp bortfiltrerad " +"kommer fortfarande ha medlemsanvändarna i den senare listade." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" -msgstr "" +msgstr "Standard: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" -msgstr "" +msgstr "filter_users_in_groups (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" +"Om du vill att filtrerade användare fortfarande skall vara gruppmedlemmar " +"sätt då detta alternativ till false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" -msgstr "" +msgstr "fallback_homedir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" +"Ange en standardmall för en användares hemkatalog om ingen uttryckligen " +"anges av domänens dataleverantör." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" +"De tillgängliga värdena för detta alternativ är samma som för " +"override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" " " msgstr "" +"fallback_homedir = /home/%u\n" +" " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" +msgstr "exempel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" -msgstr "" +msgstr "Standard: inte satt (ingen ersättning för ej angivna hemkataloger)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" -msgstr "" +msgstr "override_shell (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " "or per-domain." msgstr "" +"Åsidosätt inloggningsskalet för alla användare. Detta alternativ går före " +"alla andra skalalternativ om det har effekt och kan sättas antingen i " +"sektionen [nss] eller per domän." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" +"Standard: inte angivet (SSSD kommer använda värdet som hämtats från LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" -msgstr "" +msgstr "allowed_shells (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" +"Begränsa användarskal till en av de listade värdena. Beräkningsordningen är:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." -msgstr "" +msgstr "1. Om skalet finns i <quote>/etc/shells</quote> används det." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" +"2. Om skalet finns i listan allowed_shells men inte i <quote>/etc/shells</" +"quote>, använd värdet på parametern shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" +"3. Om skalet inte finns i listan allowed_shells och inte i <quote>/etc/" +"shells</quote> används ett nologin-skal." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." -msgstr "" +msgstr "Jokertecknet (*) kan användas för att tillåta godtyckligt skal." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " "allowed shells in allowed_shells would be to much overhead." msgstr "" +"(*) är användbart om du vill använda shell_fallback ifall den användarens " +"skal inte finns i <quote>/etc/shells</quote> och att underhålla listan över " +"alla skal i allowed_shells skulle vara för mycket overhead." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." -msgstr "" +msgstr "En tom sträng som skal skickas som den är till libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" +"<quote>/etc/shells</quote> läses bara vid uppstart av SSSD, vilket betyder " +"att en omstart av SSSD behövs ifall ett nytt skal installeras." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." -msgstr "" +msgstr "Standard: inte satt. Användarens skal används automatiskt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" -msgstr "" +msgstr "vetoed_shells (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" -msgstr "" +msgstr "Ersätt alla instanser av dessa skal med shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" -msgstr "" +msgstr "shell_fallback (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" +"Standardskalet att använda om ett tillåtet skal inte är installerat på " +"maskinen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" -msgstr "" +msgstr "Standard: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" -msgstr "" +msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" +"Standardskalet att använda om leverantören inte returnerar något under " +"uppslagningen. Detta alternativ kan anges globalt i sektionen [nss] eller " +"per domän." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" +"Standard: inte satt (Returnera NULL om inget skal är angivet och lita på att " +"libc ersätter med något rimligt när nödvändigt, vanligen /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" -msgstr "" +msgstr "get_domains_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" +"Anger tiden i sekunder under vilken listan av underdomäner kommer betraktas " +"som giltiga." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" -msgstr "" +msgstr "memcache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" +"Anger tiden i sekunder under vilken poster i minnescachen kommer vara " +"giltiga. Att sätta detta alternativ till noll kommer avaktivera cachen i " +"minnet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" +"VARNING: att avaktivera cachen i minnet kommer ha signifikant negativ " +"påverkan på SSSDs prestanda och skall bara användas för testning." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" +"OBS: om miljövariabeln SSS_NSS_USE_MEMCACHE är satt till ”NO” kommer " +"klientprogram inte använda den snabba cachen i minnet." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" -msgstr "" +msgstr "user_attributes (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1390,280 +1620,329 @@ msgid "" "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for details) but with no default values." msgstr "" +"Några av de ytterligare NSS-respondentbegäranden kan returnera fler attribut " +"än bara de som definieras av POSIX via NSS-gränssnittet. Listan av attribut " +"styrs av detta alternativ. Det hanteras på samma sätt som alternativet " +"<quote>user_attributes</quote> för InfoPipe-respondenten (se <citerefentry> " +"<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för detaljer) men utan standardvärden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" +"För att förenkla konfigurationen kommer NSS-respondenten kontrollera " +"InfoPipe-altenativet om det inte är satt för NSS-respondenten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" -msgstr "" +msgstr "Standard: inte satt, gåtillbaka till InfoPipe-alternativet" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" -msgstr "" +msgstr "pwfield (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" +"Värdet som NSS-operationer som returnerar användare eller grupper kommer att " +"returnera i fältet <quote>password</quote>." #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." -msgstr "" +msgstr "Detta alternativ kan även sättas per domän." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" +"Standard: <quote>*</quote> (fjärrdomäner) eller <quote>x</quote> " +"(fildomänerna)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" -msgstr "" +msgstr "PAM-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" +"Dessa alternativ kan användas för att konfigurera tjänsten Pluggable " +"Authentication Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" -msgstr "" +msgstr "offline_credentials_expiration (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" +"Om autentiseringsleverantören inte är ansluten, hur länge skall vi tillåta " +"cachade inloggningar (i dagar efter den senaste lyckade uppkopplade " +"inloggningen)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" -msgstr "" +msgstr "Standard: 0 (ingen gräns)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" -msgstr "" +msgstr "offline_failed_login_attempts (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" +"Om autentiseringsleverantören inte är ansluten, hur många misslyckade " +"inloggningsförsök är tillåtna." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" -msgstr "" +msgstr "offline_failed_login_delay (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" +"Tiden i minuter som måste förflyta efter att offline_failed_login_attempts " +"har nåtts före ett nytt inloggningsförsök är möjligt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " "authentication can enable offline authentication again." msgstr "" +"Om satt till 0 kan inte användaren autentisera om " +"offline_failed_login_attempts har uppnåtts. Endast en lyckad uppkopplad " +"autentisering kan aktivera autentisering utan uppkoppling igen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" -msgstr "" +msgstr "Standard: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" -msgstr "" +msgstr "pam_verbosity (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" +"Styr vilken sorts meddelanden som visas för användaren under autentisering. " +"Ju högre tal desto fler meddelanden visas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" -msgstr "" +msgstr "För närvarande stödjs följande värden:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" -msgstr "" +msgstr "<emphasis>0</emphasis>: visa inte några meddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" -msgstr "" +msgstr "<emphasis>1</emphasis>: visa endast viktiga meddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" -msgstr "" +msgstr "<emphasis>2</emphasis>: visa informationsmeddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" +"<emphasis>3</emphasis>: visa alla meddelanden och felsökningsinformation" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" -msgstr "" +msgstr "Standard: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" -msgstr "" +msgstr "pam_response_filter (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " "responses sent to pam_sss e.g. messages displayed to the user or environment " "variables which should be set by pam_sss." msgstr "" +"En kommaseparerad lista av strängar som möjliggör att ta bort (filtrera) " +"data skickat av PAM-respondenten till pam_sss-PAM-modulen. Det finns olika " +"sorters svar skickade till pam_sss, t.ex. meddelanden som visas för " +"användaren eller miljövariabler som skall sättas av pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" +"Medan meddelanden redan kan styras med hjälp av alternativet pam_verbosity " +"gör detta alternativ att man kan filtrera ut andra sorters svar dessutom." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" -msgstr "" +msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." -msgstr "" +msgstr "Skicka inte några miljövariabler till någon tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" -msgstr "" +msgstr "ENV:varnamn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." -msgstr "" +msgstr "Skicka inte miljövariableln varnamn till någon tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" -msgstr "" +msgstr "ENV:varnamn:tjänst" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." -msgstr "" +msgstr "Skicka inte miljövariabeln varnamn till tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"För närvarande dtldjs följande filter: <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" -msgstr "" +msgstr "Example: ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" -msgstr "" +msgstr "pam_id_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " "ensure that authentication takes place with the latest information." msgstr "" +"För alla PAM-begäranden när SSSD är uppkopplat kommer SSSD försöka att " +"omedelbart uppdatera cachad identitetsinformation för användaren för att se " +"till att autentisering sker med den senaste informationen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" "client-application basis) how long (in seconds) we can cache the identity " "information to avoid excessive round-trips to the identity provider." msgstr "" +"En fullständig PAM-konversation kan utföra flera PAM-begäranden såsom " +"hantering av konto och öppning av en session. Detta alternativ styr (på per-" +"klientprogrambasis) hur länge (i sekunder) vi kan cacha " +"identitetsinformationen för att undvika överdrivna rundturer till " +"identitetsleverantören." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" -msgstr "" +msgstr "pam_pwd_expiration_warning (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." -msgstr "" +msgstr "Visa en varning N dagar före lösenordet går ut." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " "cannot display a warning." msgstr "" +"Observera att bakändeservern måste leverera information om utgångstiden för " +"lösenordet. Om denna information saknas kan sssd inte visa någon varning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" +"Om noll anges tillämpas inte detta filter, d.v.s. om utgångsvarningen " +"mottogs från bakändeserver kommer den automatiskt visas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" +"Denna inställning kan åsidosättas genom att sätta " +"<emphasis>pwd_expiration_warning</emphasis> för en viss domän." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" -msgstr "" +msgstr "Standard: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" -msgstr "" +msgstr "pam_trusted_users (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1671,192 +1950,304 @@ msgid "" "<quote>pam_public_domains</quote>. User names are resolved to UIDs at " "startup." msgstr "" +"Anger den kommaseparerade listan av UID-värden eller användarnamn som " +"tillåts köra PAM-konverteringar mot betrodda domäner. Användare som inte är " +"inkluderade i denna lista kan endast kom åt domäner som är markerade som " +"publika med <quote>pam_public_domains</quote>. Anvädarnamn slås upp till " +"UID vid uppstart." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" -msgstr "" +msgstr "Standard: alla användare betraktas som betrodda som standard" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" +"Observera att UID 0 alltid tillåts komma åt PAM-respondenten även ifall den " +"inte är i listan pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" -msgstr "" +msgstr "pam_public_domains (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" +"Anger den kommaseparerade listan över domännamn som är åtkomliga även för ej " +"betrodda användare." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" +"Två speciella värden för alternativet pam_public_domains är definierade:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" +"all (Ej betrodda användare tillåts komma åt alla domäner i PAM-respondenten.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" +"none (Ej betrodda användare tillåts inte att komma åt några domäner i PAM-" +"respondenten.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" -msgstr "" +msgstr "Standard: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" -msgstr "" +msgstr "pam_account_expired_message (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" +"Gör att det går att ange ett anpassat utgångsmeddelande som ersätter " +"standardmeddelandet ”åtkomst nekas”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" +"Observera: var medveten om att meddelandet endast skrivs för tjänsten SSH om " +"inte pam_verbosity är satt till 3 (visa alla meddelanden och " +"felsökningsinformation)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" " " msgstr "" +"pam_account_expired_message = Kontot är utgånget, kontakta kundtjänsten.\n" +" " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" -msgstr "" +msgstr "pam_account_locked_message (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" +"Gör att det går att ange ett anpassat utlåsningsmeddelande som ersätter " +"standardmeddelandet ”åtkomst nekas”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" " " -msgstr "" +msgstr "pam_account_locked_message = Kontot är låst, kontakta kundtjänsten. " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" -msgstr "" +msgstr "pam_cert_auth (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " "authentication process this option is disabled by default." msgstr "" +"Aktivera certifikatbaserad smartkortsautentisering. Eftersom detta " +"förutsätter ytterligare kommunikation med smartkortet vilket kommer fördröja " +"autentiseringsprocessen är detta alternativ avaktiverat som standard." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" -msgstr "" +msgstr "Default: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" -msgstr "" +msgstr "pam_cert_db_path (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" +"Sökvägen till certifikatdatabasen som innehåller PKCS#11-mudulerna för att " +"komma åt smartkortet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: true" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Standard: true" +msgstr "Standard:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" -msgstr "" +msgstr "/etc/pki/nssdb (NSS-version, sökväg till en NSS-databas)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" +"/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL-version, sökväg till en fil med " +"betrodda CA-certifikat i PEM-format)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." -msgstr "" +msgstr "Denna manualsida genererades för NSS-versionen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." -msgstr "" +msgstr "Denna manualsida genererades för OpenSSL-versionen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" -msgstr "" +msgstr "p11_child_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." -msgstr "" +msgstr "Hur många sekunder pam_sss kommer vänta på p11_child att avsluta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" -msgstr "" +msgstr "pam_app_services (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" +"Vilken PAM-tjänster tillåts att kontakta domäner av typen " +"<quote>application</quote>" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 -msgid "SUDO configuration options" +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 +msgid "SUDO configuration options" +msgstr "SUDO-konfigurationsalternativ" + #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1865,26 +2256,35 @@ msgid "" "</citerefentry> are in the manual page <citerefentry> <refentrytitle>sssd-" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" +"Dessa alternativ kan användas för att konfigurera tjänsten sudo. De " +"detaljerade instruktionerna för konfiguration av <citerefentry> " +"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " +"för att fungera med <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> finns i manualsidan <citerefentry> " +"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" -msgstr "" +msgstr "sudo_timed (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" +"Huruvida attributen sudoNotBefore och sudoNotAfter som implementerar " +"tidsberoende sudoers-poster skall evalueras eller inte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" -msgstr "" +msgstr "sudo_threshold (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1892,102 +2292,121 @@ msgid "" "<quote>full refresh</quote> of sudo rules is triggered instead. This " "threshold number also applies to IPA sudo command and command group searches." msgstr "" +"Maximalt antal utgångna regler som kan uppdateras på en gång. Om antalet " +"utgångna regler är under gränsen uppdateras dessa regler med mekanismen " +"<quote>regeluppdatering</quote>. Om grånsen överkrids triggas en " +"<quote>fullständig uppdatering</quote> av sudo-regler istället. Detta " +"gränsvärde gäller även IPA-sudo-kommandon och kommandugruppsökningar." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" -msgstr "" +msgstr "AUTOFS-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." -msgstr "" +msgstr "Dessa alternativ kan användas för att konfigurera tjänsten autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" -msgstr "" +msgstr "autofs_negative_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" +"Anger hur många sekunder autofs-respondenten cachar negativa cacheträffar " +"(det vill säga, frågor om ogiltiga mappningsposter, som sådana som inte " +"finns) innan bakänden tillfrågas igen." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" -msgstr "" +msgstr "SSH-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." -msgstr "" +msgstr "Dessa alternativ kan användas för att konfigurera tjänsten SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" -msgstr "" +msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +"Huruvida värdnamn och adresser i den hanterade filen known_hosts skall göras " +"till kontrollsummor eller inte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" -msgstr "" +msgstr "ssh_known_hosts_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" +"Hur många sekunder en värd behållas i den hanterade filen known_hosts efter " +"att dess värdnycklar begärdes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" -msgstr "" +msgstr "Standard: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" -msgstr "" +msgstr "ssh_use_certificate_keys (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " "entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details." msgstr "" +"Om satt till true true kommer <command>sss_ssh_authorizedkeys</command> " +"returnera ssh-nycklar härledda från den publika nyckeln i X.509-certifikat " +"även lagrade in användarposten. Se <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>1</" +"manvolnum> </citerefentry> för detaljer." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" -msgstr "" +msgstr "ca_db (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" +"Sökväg till lagring av betrodda CA-certifikat. Alternativet används för att " +"validera användarcertifikat före publika ssh-nycklar härleds från dem." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" -msgstr "" +msgstr "PAC-respondentskonfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1996,9 +2415,16 @@ msgid "" "joined to and of remote trusted domains from the local domain controller. If " "the PAC is decoded and evaluated some of the following operations are done:" msgstr "" +"PAC-respondenten fungerar tillsammans med insticksmodulen för " +"auktoriseringsdata för MIT Kerberos sssd_pac_plugin.so och en " +"underdomänsleverantör. Insticksmodulen skickar PAC-data under en GSSAPI-" +"autentisering till PAC-respondenten. Underdomänsleverantören samlar domän-" +"SID och ID-intervall för domänen klienten går med i och från betrodda " +"domäner från den lokala domänhanteraren. Om PAC:en är avkodad och och " +"beräknad kommer några av följande operationer att göras:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2007,65 +2433,81 @@ msgid "" "the system defaults are used, but can be overwritten with the default_shell " "parameter." msgstr "" +"Om fjärranvändaren inte finns i cachen skapas den. UID:t avgörs med hjälp " +"av SID:t, betrodda domäner kommer ha UPG:er och GID:en kommer ha samma värde " +"som UID:t. Hemkatalogen är satt baserat på parametern subdomain_homedir. " +"Skalet kommer vara tomt som standard, d.v.s. systemstandarden används, men " +"kan skrivas över med parametern default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" +"Om det finns SID:er av grupper från domäner sssd känner till kommer " +"användaren läggas till i dessa grupper." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." -msgstr "" +msgstr "Dessa alternativ kan användas för att konfigurera PAC-respondenten." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" -msgstr "" +msgstr "allowed_uids (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " "startup." msgstr "" +"Anger den kommaseparerade listan av UID-värden eller användarnamn som " +"tillåts använda PAC-respondenten. Användarnamn slås upp till UID:er vid " +"uppstart." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" -msgstr "" +msgstr "Standard: 0 (endast root-användaren tillåts komma åt PAC-respondenten)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " "access the PAC responder, which would be the typical case, you have to add 0 " "to the list of allowed UIDs as well." msgstr "" +"Observera att även om UID 0 används som standard kommer det att skrivas över " +"av detta alternativ. Om du fortfarande vill tillåta root-användaren att " +"komma åt PAC-respondenten, vilket man typiskt vill, måste du lägga till även " +"0 i listan av tillåtna UID:er." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" -msgstr "" +msgstr "pac_lifetime (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" +"Livslängt på PAC-posterna i sekunder. Så länge som PAC:en är giltig kan PAC-" +"datan användas för att avgöra gruppmedlemskap för en användare." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" -msgstr "" +msgstr "Konfigurationsalternatvi för inspelning av sessioner" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2073,230 +2515,278 @@ msgid "" "they log in on a text terminal. See also <citerefentry> <refentrytitle>sssd-" "session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." msgstr "" +"Inspelning av sessioner fungerar tillsammans med <citerefentry> " +"<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" +"citerefentry>, en del av paketet tlog, för att logga vad användaren ser och " +"skriver när de är inloggade på en textterminal. Se även <citerefentry> " +"<refentrytitle>sssd-session-recording</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" +"Dessa alternativ kan användas för att konfigurera inspelning av sessioner." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" -msgstr "" +msgstr "scope (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" -msgstr "" +msgstr "”none”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." -msgstr "" +msgstr "Inga användare spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" -msgstr "" +msgstr "”some”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" +"Användare/grupper angivna i alternativen <replaceable>users</replaceable> " +"och <replaceable>groups</replaceable> spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" -msgstr "" +msgstr "”all”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." -msgstr "" +msgstr "Alla användare spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"En av följande strängar anger utsträckningen för inspelning av sessioner: " +"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" -msgstr "" +msgstr "Standard: ”none”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" -msgstr "" +msgstr "users (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " "replacement, case changes, etc." msgstr "" +"En kommaseparerad lista över användare vilka skall ha inspelning av " +"sessioner aktiverat. Matchar användarnamn som de returneras av NSS. D.v.s. " +"efter eventuellt utbyte av mellanslag, ändring av skiftläge, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." -msgstr "" +msgstr "Default: Tomt. Matchar inte några användare." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" -msgstr "" +msgstr "groups (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " "possible space replacement, case changes, etc." msgstr "" +"En kommaseparerad lista över gruppmedlemmar vilka skall ha inspelning av " +"sessioner aktiverat. Matchar gruppnamn som de returneras av NSS. D.v.s. " +"efter eventuellt utbyte av mellanslag, ändring av skiftläge, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " "retrieving and matching the groups the user is member of." msgstr "" +"OBSERVERA: att använda dettta alternativ (ha det satt till något) har en " +"betydande prestandakostnad, ty varje begäran som inte cachas för en " +"användare måste hämtas och matchas mot grupperna användaren är en medlem i." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." -msgstr "" +msgstr "Standard: Tom. Matchar inga grupper." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" -msgstr "" +msgstr "DOMÄNSEKTIONER" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" -msgstr "" +msgstr "domain_type (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " "be present or generated. Only objects from POSIX domains are available to " "the operating system interfaces and utilities." msgstr "" +"Anger huruvida domänen är avsedd att användas av POSIX-kunniga klienter " +"såsom Name SErvice Switch eller av program som inte behöver att POSIX-data " +"finns eller genereras. Endast objekt från POSIX-domäner är tillgängliga för " +"operativsystemets gränssnitt och verktyg." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" +"Tillåtna värden på detta alternativ är <quote>posix</quote> och " +"<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry>) and the PAM responder." msgstr "" +"POSIX-domäner kan nås av alla tjänster. Programdomäner kan endast nås från " +"InfoPipe-respondenten (se <citerefentry> <refentrytitle>sssd-ifp</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) och PAM-" +"respondenten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" +"OBSERVERA: Programdomänerna är för närvarande bara vältestade med " +"<quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" +"För ett lätt sätt att konfigurera en icke-POSIX-DOMÄN, se avsnittet " +"<quote>Programdomäner</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" -msgstr "" +msgstr "Standard: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" -msgstr "" +msgstr "min_id,max_id (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" +"UID- och GID-gränser för domänen. Om en domän innehåller en post som ligger " +"utanför dessa gränser ignoreras den." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" "primary group memberships, those that are in range will be reported as " "expected." msgstr "" +"För användare påverkar detta gränsen för den primara GID:n. Användaren " +"kommer inte returneras till NSS om antingen UID:n eller den primära GID:n " +"ligger utanför intervallet. För icke primära gruppmedlemskap kommer de som " +"ligger i intervallet rapporteras som förväntat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" +"Dessa ID-gränser påverkar även när poster sparas till cachen, inte endast " +"när de returneras via namn eller ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" -msgstr "" +msgstr "Standard: 1 för min_id, 0 (ingen gräns) för max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" -msgstr "" +msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " "enable enumeration in order for secondary groups to be displayed. This " "parameter can have one of the following values:" msgstr "" +"Bestämmer om en domän kan räknas upp, det vill säga, huruvida domänen kan " +"lista alla användare och grupper den innehåller. Observera att det inte är " +"nödvändigt att aktivera uppräkning för att sekundära grupper skall visas. " +"Denna parameter kan ha ett av följande värden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" -msgstr "" +msgstr "TRUE = Användare och grupper räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" -msgstr "" +msgstr "FALSE = Inga uppräkningar för denna domän" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" -msgstr "" +msgstr "Standard: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" +"Att räkna upp en domän tvingar SSSD att hämta och lagra ALLA användar- och " +"grupposter från fjärrservern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2308,78 +2798,101 @@ msgid "" "quote> process becoming unresponsive or even restarted by the internal " "watchdog." msgstr "" +"Obs: att aktivera uppräkning har en måttlig påverkan på prestandan hos SSSD " +"medan uppräkningen pågor. Det kan ta upp till flera minuter efter att SSSD " +"startat upp för att helt fullborda uppräkningar. Under denna tid kommer " +"enskilda begäranden om information att gå direkt till LDAP, fast det kan " +"vara långsamt på grund av den tunga bearbetningen av uppräkningen. Att " +"spara ett stort antal poster i cachen efter att uppräkningen är klar kan " +"också vara CPU-intensivt eftersom medlemsskap måste beräknas om. Detta kan " +"leda till att processen <quote>sssd_be</quote> blir oåtkomlig eller till och " +"med startas om av den interna vakthunden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" +"Medan den första uppräkningen körs kan begäranden om den fullständiga " +"användar- eller grupplistan returnera utan resultat tills den är färdig." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " "enumeration lookups are completed successfully. For more information, refer " "to the man pages for the specific id_provider in use." msgstr "" +"Vidare, att aktivera uppräkning kan öka tiden som behövs för att upptäcka " +"urkoppling av nätverk, eftersom längre tidsgränser behövs för att " +"säkerställa att uppräkningsuppslagningarna blir klara som de skall. För mer " +"information, se manualsidorna för den specifika id-leverantören som används." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" +"Av ovan nämnda skäl rekommenderas inte att aktivera uppräkning, särskilt i " +"stora miljöer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" -msgstr "" +msgstr "subdomain_enumerate (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" -msgstr "" +msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" -msgstr "" +msgstr "Alla upptäckta betrodda domäner kommer räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" -msgstr "" +msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" -msgstr "" +msgstr "Inga upptäckta betrodda domäner kommer räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " "Optionally, a list of one or more domain names can enable enumeration just " "for these trusted domains." msgstr "" +"Huruvida några av de automatiskt upptäckta betrodda domänerna skall räknas " +"upp. De värden som stödjs är <placeholder type=\"variablelist\" id=\"0\"/> " +"Om så önskas kan en lista med en eller flera domännamn aktivera uppräkning " +"bara för dessa betrodda domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" -msgstr "" +msgstr "entry_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" +"Hur många sekunder nss_sss skall anse poster giltiga före den frågar " +"bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2388,312 +2901,377 @@ msgid "" "citerefentry> tool in order to force refresh of entries that have already " "been cached." msgstr "" +"Tidsstämplarna för när cachen går ut lagras som attribut på de enskilda " +"objekten i cachen. Därför har ändringar av tidsgränsen för cachen endast " +"effekt för nyligen tillagda eller utgånga poster. Du skall köra verktyget " +"<citerefentry> <refentrytitle>sss_cache</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry> för att tvinga fram en uppdatering av poster som " +"redan har cachats." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" -msgstr "" +msgstr "Standard: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" -msgstr "" +msgstr "entry_cache_user_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" +"Hur många sekunder nss_sss skall anse användarposter giltiga före den frågar " +"bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" -msgstr "" +msgstr "Standard: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" -msgstr "" +msgstr "entry_cache_group_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" +"Hur många sekunder nss_sss skall anse grupposter giltiga före den frågar " +"bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" +msgstr "entry_cache_netgroup_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" +"Hur många sekunder nss_sss skall anse nätgruppsposter giltiga före den " +"frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" -msgstr "" +msgstr "entry_cache_service_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" +"Hur många sekunder nss_sss skall anse tjänsteposter giltiga före den frågar " +"bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" -msgstr "" +msgstr "entry_cache_sudo_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" +"Hur många sekunder sudo skall anse regler giltiga före den frågar bakänden " +"igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" -msgstr "" +msgstr "entry_cache_autofs_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" +"Hur många sekunder tjänsten autofs skall anse automatmonteringskartor " +"giltiga före den frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" -msgstr "" +msgstr "entry_cache_ssh_host_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" +"Hur många sekunder en värds ssh-nyckel behålls efter en uppdatering. D.v.s. " +"hur länge värdnyckeln skall cachas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" -msgstr "" +msgstr "refresh_expired_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" +"Anger hur många sekunder SSSD måste vänta före en uppdateringuppgift startas " +"i bakgrunden som kommer uppdatera alla utgångna eller nästan utgångna poster." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" +"Bakgrundsuppdateringen kommer bearbeta användare, grupper och nätgrupper i " +"cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." -msgstr "" +msgstr "Du kan överväga att sätta detta värde till ¾ · entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" -msgstr "" +msgstr "Standard: 0 (avaktiverat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" -msgstr "" +msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" -msgstr "" +msgstr "Bestämmer om användarkreditiv också cachas i den lokala LDB-cachen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" -msgstr "" +msgstr "Användarkreditiv sparas i en SHA512-kontrollsumma, inte i klartext" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" -msgstr "" +msgstr "cache_credentials_minimal_first_factor_length (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" +"Om 2-faktorautentisering (2FA) används och kreditiv skall sparas avgör detta " +"värde den minsta längden den första autentiseringsfaktorn (långvarigt " +"lösenord) måste ha för att sparas som en SHA512-kontrollsumma i cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" +"Detta skall undvika att de korta PIN:arna i ett PIN-baserat 2FA-arrangemang " +"sparas i cachen vilket skulle gjort dem till lätta mål för uttömmande " +"attacker." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" -msgstr "" +msgstr "Standard: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" -msgstr "" +msgstr "account_cache_expiration (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " "value of this parameter must be greater than or equal to " "offline_credentials_expiration." msgstr "" +"Antal dagar poster sparas i cachen efter den senaste lyckade inloggningen " +"före de tas bort under en rensning av cachen. 0 betyder behåll för alltid. " +"Värdet på denna parameter måste vara större än eller lika med " +"offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" -msgstr "" +msgstr "Standard: 0 (obegränsat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" -msgstr "" +msgstr "pwd_expiration_warning (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " "cannot display a warning. Also an auth provider has to be configured for the " "backend." msgstr "" +"Observera att bakändeservern måste leverera information om utgångstiden för " +"lösenordet. Om denna information saknas kan sssd inte visa någon varning. " +"Dessutom måste en autentiseringsleverantör ha konfigurerats för bakänden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" -msgstr "" +msgstr "Standard: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" -msgstr "" +msgstr "id_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" +"Identifikationsleverantören som används för domänen. ID-leverantörer som " +"stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." -msgstr "" +msgstr "<quote>proxy</quote>: Stöd en tidigare NSS-leverantör." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" +"<quote>local</quote>: SSSD:s interna leverantör för lokala användare " +"(FÖRÅLDRAT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on how to mirror local users and groups into SSSD." msgstr "" +"<quote>files</quote>: FIL-leverantör. Se <citerefentry> <refentrytitle>sssd-" +"files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> för mer " +"information om hur lokala användare och grupper kan speglas in i SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on configuring LDAP." msgstr "" +"<quote>ldap</quote>: LDAP-leverantör. Se <citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> för mer " +"information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " "FreeIPA." msgstr "" +"<quote>ipa</quote>: Leverantören FreeIPA och Red Hat Enterprise Identity " +"Management. Se <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> för mer information om att " +"konfigurera FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Active Directory." msgstr "" +"<quote>ad</quote>: Active Directory-leverantör. Se <citerefentry> " +"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" -msgstr "" +msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" +"Använd det fullständinga namnet och domänen (formaterat med domänens " +"full_name_format) som användarens inloggningsnamn rapporterat till NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " "<command>getent passwd test</command> wouldn't find the user while " "<command>getent passwd test@LOCAL</command> would." msgstr "" +"Om satt till TRUE måste alla begäranden till denna domän använda " +"fullständigt kvalificerade namn. Till exempel, om använt i en domän LOKAL " +"som innehåller en användare ”test”, skulle <command>getent passwd test</" +"command> inte hitta användaren medan <command>getent passwd test@LOKAL</" +"command> skulle det." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " "will be searched when an unqualified name is requested." msgstr "" +"OBSERVERA: Detta alternativ har ingen effekt på nätgruppsuppslagningar på " +"grund av deras tendens att innehålla nästlade nätgrupper utan kvalificerade " +"namn. För nätgrupper kommer alla domäner sökas igenom när ett okvalificerat " +"namn begärs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" -msgstr "" +msgstr "Standard: FALSE (TRUE om default_domain_suffix används)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" -msgstr "" +msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." -msgstr "" +msgstr "Returnera inte gruppmedlemmar för gruppuppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2703,209 +3281,265 @@ msgid "" "citerefentry>. As an effect, <quote>getent group $groupname</quote> would " "return the requested group as if it was empty." msgstr "" +"Om satt till TRUE begärs inte attributet gruppmedlemsskap från ldap-servern, " +"och gruppmedlemmar retuneras inte vid behandling av gruppuppslagningsanrop, " +"såsom <citerefentry> <refentrytitle>getgrnam</refentrytitle> <manvolnum>3</" +"manvolnum> </citerefentry> eller <citerefentry> <refentrytitle>getgrgid</" +"refentrytitle> <manvolnum>3</manvolnum> </citerefentry>. Som en effekt " +"skulle <quote>getent group $groupname</quote> returnera den begärda gruppen " +"som om den vore tom." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " "members." msgstr "" +"Att aktivera detta alternativ kan även göra kontroller av gruppmedlemskap " +"hos åtkomstleverantören väsentligt snabbare, särskilt för grupper som " +"innehåller många medlemmar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" -msgstr "" +msgstr "auth_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" +"Autenticeringsleverantören som används för domänen. Leverantörer som stödjs " +"är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> för inbyggd LDAP-autentisering. Se <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" +"<quote>krb5</quote> för Kerberosautentisering. Se <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" +"<quote>proxy</quote> för att skicka vidare autentiseringen till något annat " +"PAM-mål." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" -msgstr "" +msgstr "<quote>local</quote>: SSSD:s interna leverantör för lokala användare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." -msgstr "" +msgstr "<quote>none</quote> avaktiverar explicit autentisering." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" +"Standard: <quote>id_provider</quote> används om det är satt och kan hantera " +"autentiseringsbegäranden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" -msgstr "" +msgstr "access_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " "Internal special providers are:" msgstr "" +"Leverantören av åtkomstkontroll för domänen. Det finns två inbyggda " +"åtkomstleverantörer (utöver alla inkluderade in installerade bakändar). " +"Interna specialleverantörer är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" +"<quote>permit</quote> tillåt alltid åtkomst. Det är den enda tillåtna " +"åtkomstleverantören för en lokal domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." -msgstr "" +msgstr "<quote>deny</quote> neka alltid åtkomst." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for more information on configuring the simple " "access module." msgstr "" +"<quote>simple</quote> åtkomstkontroll baserat på åtkomst- eller " +"nekandelistor. Se <citerefentry> <refentrytitle>sssd-simple</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> för mer information om att " +"konfigurera åtkomstmodulen simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" "citerefentry> for more information on configuring Kerberos." msgstr "" +"<quote>krb5</quote>: .k5login-baserad åtkomstkontroll. Se <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" +"<quote>proxy</quote> för att skicka vidare åtkomstkontroll till någon annam " +"PAM-modul." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" -msgstr "" +msgstr "Standard: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" -msgstr "" +msgstr "chpass_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" +"Leverantören som skall hantera lösenordsändringar för domänen. Leverantörer " +"av lösenordsändring som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> för att ändra lösenord lagrade i en LDAP-server. Se " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring Kerberos." msgstr "" +"<quote>krb5</quote> för att ändra Kerberoslösenordet. Se <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" +"<quote>proxy</quote> för att skicka vidare lösenordsändringar till något " +"annat PAM-mål." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." -msgstr "" +msgstr "<quote>none</quote> tillåter uttryckligen inte lösenordsändringar.." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" +"Standard: <quote>auth_provider</quote> används om det är satt och kan " +"hantera begäranden om ändring av lösenord." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" -msgstr "" +msgstr "sudo_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" +"SUDO-leverantören som används för domänen. SUDO-leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> för regler lagrade i LDAP. Se <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" +"<quote>ipa</quote> samma som <quote>ldap</quote> men med " +"standandardsinställningar för IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" +"<quote>ad</quote> samma som <quote>ldap</quote> men med " +"standandardsinställningar för AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" +msgstr "<quote>none</quote> avaktiverar explicit SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." -msgstr "" +msgstr "Standard: värdet på <quote>id_provider</quote> används om det är satt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2914,188 +3548,249 @@ msgid "" "\"ldap_sudo_*\" in <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>." msgstr "" +"De detaljerade instruktionerna för att konfigurera sudo_provider finns i " +"manualsidan <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>. Det finns många " +"konfigurationsalternativ som kan användas för att justera beteendet. Se " +"”ldap_sudo_*” i <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " "<emphasis>sudo_provider = None</emphasis> to disable all sudo-related " "activity in SSSD if you do not want to use sudo with SSSD at all." msgstr "" +"<emphasis>OBSERVERA:</emphasis> Sudo-regler hämtas periodiskt i bakgrunden " +"om inte sudo-leverantören uttryckligen avaktiverats. Ange " +"<emphasis>sudo_provider = None</emphasis> för att avatkivera all sudo-" +"relaterad aktivitet i SSSD om du inte vill använda sudo med SSSD alls." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" -msgstr "" +msgstr "selinux_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " "providers are:" msgstr "" +"Leverantören som skall hantera inläsning av selinux-inställningar. " +"Observera att denna leverantör kommer anropas direkt efter att " +"åtkomstleverantören avslutar. Selinux-leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" +"<quote>ipa</quote> för att läsa in selinux-inställningar från en IPA-" +"server. Se <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> för mer information om att " +"konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" +"<quote>none</quote> tillåter uttryckligen inte att hämta selinux-" +"inställningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" +"Standard: <quote>id_provider</quote> används om det är satt och kan hantera " +"begäranden om inläsning av selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" -msgstr "" +msgstr "subdomains_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" +"Leverantören som skall hantera hämtandet av underdomäner. Detta värde skall " +"alltid vara samma som id_provider. Underdomänleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" +"<quote>ipa</quote> för att läsa in en lista av underdomäner från en IPA-" +"server. Se <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> för mer information om att " +"konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " "the AD provider." msgstr "" +"<quote>ad</quote> för att läsa in en lista av underdomäner från en Active " +"Directory-server. Se <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> för mer information om att " +"konfigurera AD-leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." -msgstr "" +msgstr "<quote>none</quote> tillåter uttryckligen inte att hämta underdomäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" -msgstr "" +msgstr "session_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " "Commander, which works only with IPA. Supported session providers are:" msgstr "" +"Leverantören som konfigurerar och hanterar uppgifter relaterade till " +"användarsessioner. De enda användarsessionsuppgifter som för närvarande " +"tillhandahålls är integration med Fleet Commander, vilket fungerar endast " +"med IPA. Sessionsleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" +"<quote>ipa</quote> för att utföra uppgifter relaterade till " +"användarsessioner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" +"<quote>none</quote> utför inte någon sorts uppgifter relaterade till " +"användarsessioner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" +"Standard: <quote>id_provider</quote> används om det är satt och kan iygäts " +"sessionsrelaterade uppgifter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" +"<emphasis>OBSERVERA:</emphasis> För att denna funktion skall fungera som " +"förväntat måste SSSD köra som ”root” och inte som den opriviligierade " +"användaren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" -msgstr "" +msgstr "autofs_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" +"Autofs-leverantören som används för domänen. Autofs-leverantörer som stödjs " +"är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring LDAP." msgstr "" +"<quote>ldap</quote> för att läsa mappar lagrade i LDAP. Se <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring IPA." msgstr "" +"<quote>ipa</quote> för att läsa mappar lagrade i en IPA-server. Se " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> for more information on configuring the AD provider." msgstr "" +"<quote>ad</quote> för att läsa mappar lagrade i en AD-server. Se " +"<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> för mer information om att konfigurera AD-" +"leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." -msgstr "" +msgstr "<quote>none</quote> avaktiverar explicit autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" -msgstr "" +msgstr "hostid_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" +"Leverantören som används för att hämta värdidentitetsinformation. Värd-id-" +"leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> for more information on configuring IPA." msgstr "" +"<quote>ipa</quote> för att läsa värdidentiteter lagrade i en IPA-server. Se " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." -msgstr "" +msgstr "<quote>none</quote> avaktiverar explicit värd-id:n." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3103,48 +3798,62 @@ msgid "" "trust subdomains and Active Directory domains, the flat (NetBIOS) name of " "the domain." msgstr "" +"Reguljärt uttryck för denna domän som beskriver hur man skall tolka strängen " +"som innehåller användarnamnet och domänen in i dessa komponenter. Domänen " +"kan matcha antingen domännamnet i SSSD-konfigurationen eller, i fallet med " +"betrodda underdomäner i IPA och Active Directory-domäner, det platta " +"(NetBIOS) namnet på domänen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" "P<name>[^@\\\\]+)$))</quote> which allows three different styles for " "user names:" msgstr "" +"Standard för leverantörerna AD och IPA: <quote>(((?P<domain>[^\\\\]+)\\" +"\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" +"P<name>[^@\\\\]+)$))</quote> vilket tillåter tre olika stilar av " +"användarnamn:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" -msgstr "" +msgstr "användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" -msgstr "" +msgstr "användarnamn@domän.namn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" -msgstr "" +msgstr "domån\\användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" +"Medan de första två motsvarar det allmänna standardfallet introduceras den " +"tredje för att tillåta enkel integration av användare från Windows-domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " "sign, the domain everything after that\"" msgstr "" +"Standard: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " +"vilket kan översättas till ”namnet är allting fram till tecknet <quote>@</" +"quote>, sedan är domänen allting efter det”" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3154,232 +3863,259 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." -msgstr "" +msgstr "Standard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" -msgstr "" +msgstr "lookup_family_order (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" +"Ger möjligheten att välja föredragen adressfamilj att använda vid DNS-" +"uppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" -msgstr "" +msgstr "Värden som stödjs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" -msgstr "" +msgstr "ipv4_first: Försök slå up IPv4-adresser, om det misslyckas, prova IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." -msgstr "" +msgstr "ipv4_only: Försök endast slå upp värdnamn som IPv4-adresser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" -msgstr "" +msgstr "ipv6_first: Försök slå up IPv6-adresser, om det misslyckas, prova IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." -msgstr "" +msgstr "ipv6_only: Försök endast slå upp värdnamn som IPv6-adresser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" -msgstr "" +msgstr "Standard: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" -msgstr "" +msgstr "dns_resolver_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " "If this timeout is reached, the domain will continue to operate in offline " "mode." msgstr "" +"Definierar tiden (i sekunder) att vänta på ett svar från den interna " +"reservtjänsten före man antar att tjänsten inte kan nås. Om denna tidsgräns " +"nås kommer domänen fortsätta att fungera i frånkopplat läge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" +"Se avsnittet <quote>RESERVER</quote> för mer information om tjänstevalet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" -msgstr "" +msgstr "Standard: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" -msgstr "" +msgstr "dns_discovery_domain (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" +"Om tjänsteupptäckt används i bakänden anger domändelen av tjänstens DNS-" +"fråga om tjänsteupptäckt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" -msgstr "" +msgstr "Standard: använd domändelen av maskinens värdnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" -msgstr "" +msgstr "override_gid (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." -msgstr "" +msgstr "Ersätt det primära GID-värdet med det angivna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" -msgstr "" +msgstr "case_sensitive (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" -msgstr "" +msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." -msgstr "" +msgstr "Skiftlägeskänsligt. Detta värde är inte giltigt för AD-leverantörer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" -msgstr "" +msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." -msgstr "" +msgstr "Skiftlägesokänsligt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" -msgstr "" +msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " "protocol names) are still lowercased in the output." msgstr "" +"Samma som False (skiftlägesokänsligt), men skiftar inte ner namn i " +"resultaten från NSS-operationer. Observera att namnalias (och i fallet med " +"tjänster även protokollnamn) fortfarande skiftas ner i utdata." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 +#, fuzzy +#| msgid "" +#| "With this parameter the certificate verification can be tuned with a " +#| "comma separated list of options. Supported options are: <placeholder type=" +#| "\"variablelist\" id=\"0\"/>" msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"Med denna parameter kan verifieringen av certifikatet justeras med en " +"kommaseparerad lista av alternativ. Alternativ som stödjs är <placeholder " +"type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" -msgstr "" +msgstr "Standard: True (False för AD-leverantören)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" -msgstr "" +msgstr "subdomain_inherit (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " "Currently the following options can be inherited:" msgstr "" +"Anger en lista av konfigurationsparametrar som skall ärvas av underdomänen. " +"Observera att endast valda parametrar kan ärvas. För närvarande kan " +"följande alternativ ärvas:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" -msgstr "" +msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" -msgstr "" +msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" -msgstr "" +msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" -msgstr "" +msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" +"ldap_krb5_keytab (värdet på krb5_keytab kommer användas om inte " +"ldap_krb5_keytab sätts särskilt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" " " msgstr "" +"subdomain_inherit = ldap_purge_cache_timeout\n" +" " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" -msgstr "" +msgstr "Exempel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" +"Observera: detta alternativ fungerar endast med leverantörerna IPA och AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" -msgstr "" +msgstr "subdomain_homedir (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" -msgstr "" +msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." -msgstr "" +msgstr "platt (NetBIOS) namn på en underdomän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3387,170 +4123,279 @@ msgid "" "with <emphasis>subdomain_homedir</emphasis>. <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" +"Använd denna hemkatalog som standardvärde för alla underdomäner inom denna " +"domän i IPA AD tillit. Se <emphasis>override_homedir</emphasis> för " +"information om möjliga värden. Utöver dessa kan expansionen nedan endast " +"användas med <emphasis>subdomain_homedir</emphasis>. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" +"Värdet kan åsidosättas av alternativet <emphasis>override_homedir</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" -msgstr "" +msgstr "Standard: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" -msgstr "" +msgstr "realmd_tags (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" +"Diverse taggar lagrade av ralmd-konfigurationstjänsten för denna domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" -msgstr "" +msgstr "cached_auth_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " "the online mode." msgstr "" +"Anger tiden i sekunder sedan senaste lyckade uppkopplade autentisering under " +"vilka användaren kommer autentiseras med cachade kreditiv medan SSSD är i " +"uppkopplad läge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." -msgstr "" +msgstr "Specialvärdet 0 betyder att denna funktion är avaktiverad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " "<quote>initgroups.</quote>" msgstr "" +"Observera att om <quote>cached_auth_timeout</quote> är längre än " +"<quote>pam_id_timeout</quote> kan bakänden anropas för att hantera " +"<quote>initgroups.</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" +msgstr "auto_private_groups (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +#, fuzzy +#| msgid "" +#| "If this option is enabled, SSSD will automatically create user private " +#| "groups based on user's UID number. The GID number is ignored in this case." +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" +"Om detta alternativ är aktiverat kommer SSSD automatiskt att skapa privata " +"användargrupper baserat på anvindarens UID-nummer. GID-numret ignoreras i " +"detta fall." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 +#, fuzzy +#| msgid "" +#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +#| "\"0\"/>" msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" +"Giltiga alternativ för proxy-domäner. <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" +"För POSIX-underdomäner ärvs detta värde till underdomäner om det sätts i " +"huvuddomänen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " "subdomain." msgstr "" +"För ID-mappning av underdomäner är auto_private_groups redan aktiverat för " +"underdomänerna och att sätta det till falskt kommer inte ha någon effekt för " +"underdomänen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " "UID or GID number with this option. In other words, enabling this option " "enforces uniqueness across the ID space." msgstr "" +"OBSERVERA: Eftersom GID-numret och användarens privata grupp härleds från " +"UID-numret stödjs det inte att ha flera poster med samma UID- eller GID-" +"nummer med detta alternativ. Med andra ord, att aktivera detta alternativ " +"framtvingar unika nummer över hela ID-rymden." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"Dessa konfigurationsalternativ kan finnas i en domänkonfigurationssektion, " +"det vill säga en sektion som heter <quote>[domain/<replaceable>NAMN</" +"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" -msgstr "" +msgstr "proxy_pam_target (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." -msgstr "" +msgstr "Proxymålet PAM är en proxy för." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" +"Standard: inte satt som standard, du måste ta en befintlig pam-konfiguration " +"eller skapa en ny och lägga till tjänstenamnet här." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" -msgstr "" +msgstr "proxy_lib_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " "for example _nss_files_getpwent." msgstr "" +"Namnet på NSS-biblioteket att använda i proxy-dämenter. NSS-funktioner som " +"letas efter i biblioteket har formen _nss_$(libName)_$(function), till " +"exempel _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" -msgstr "" +msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " "name was an alias. Setting this option to true would cause the SSSD to " "perform the ID lookup from cache for performance reasons." msgstr "" +"När en användare eller grupp slås upp efter namn i proxy-leverantören görs " +"en andra uppslagning efter ID för att \"kanonisera\" namnet i händelse det " +"begärda namnet var ett alias. Att sätta detta alternativ till sant skulle " +"få SSSD att utföra ID-uppslagningen från cachen av prestandaskäl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" -msgstr "" +msgstr "proxy_max_children (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " "slots, which would cause some issues due to the requests being queued." msgstr "" +"Detta alternativ anger antalet i förhand avgrenade proxy-barn. Det är " +"användbart för SSSD-miljöer med hög last där sssd kan få slut på " +"tillgängliga barnfack, vilket skulle orsaka problem på grund av att " +"begäranden skulle köas upp." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" +"Giltiga alternativ för proxy-domäner. <placeholder type=\"variablelist\" id=" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" -msgstr "" +msgstr "Programdomäner" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3565,36 +4410,55 @@ msgid "" "<quote>application</quote> optionally inherits settings from a tradition " "SSSD domain." msgstr "" +"SSSD, med sitt D-Bus-gränssnitt (se <citerefentry> <refentrytitle>sssd-ifp</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) är tilltalande för " +"program som en portgång till en LDAP-katalog där användare och grupper " +"lagras. Dock, tvärtemot den traditionella SSSD-installationen där alla " +"användare och grupper antingen har POSIX-attribut eller så kan dessa " +"attribut härledas Windows-SID:arna, har i många fall användarna och " +"grupperna i programstödsscenariot inga POSIX-attribut. Istället för att " +"göra en sektion <quote>[domain/<replaceable>NAMN</replaceable>]</quote> kan " +"administratören skapa en sektion <quote>[application/<replaceable>NAMN</" +"replaceable>]</quote> som internt representerar en domän med typen " +"<quote>application</quote> och eventuellt ärver inställningar från en " +"traditionell SSSD-domän." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " "application domain and its POSIX sibling domain is set correctly." msgstr "" +"Observera att programdomänen måste fortfarande uttryckligen aktiveras i " +"parmametern <quote>domains</quote> så att uppslagningsordningen mellan " +"programdomänen och dess POSIX-syskondomän sätts korrekt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" -msgstr "" +msgstr "Programdomänparametrar" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" -msgstr "" +msgstr "inherit_from (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " "application settings that augment or override the <quote>sibling</quote> " "domain settings." msgstr "" +"Den SSSD-domän av POSIX-typ som programdomänen ärver alla inställningar " +"ifrån. Programdomänen kan dessutom lägga till sina egna inställningar till " +"programinställningarna som kompletterar eller åsidosätter <quote>syskon</" +"quote>domänens inställningar." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3602,9 +4466,14 @@ msgid "" "the telephoneNumber attribute, stores it as the phone attribute in the cache " "and makes the phone attribute reachable through the D-Bus interface." msgstr "" +"Följande exempel illustrerar användningen av en programdomän. I denna " +"uppsättning är POSIX-domänen kopplad till en LDAP-server och används av OS:" +"et via NSS-respondenten. Dessutom,begär programdomänen attributet " +"telephoneNumber, lagrar det som attributet telefon i cachen och gör " +"attributet telefon nåbart via D-Bus-gränssnittet." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3622,161 +4491,199 @@ msgid "" "inherit_from = posixdom\n" "ldap_user_extra_attrs = phone:telephoneNumber\n" msgstr "" +"[sssd]\n" +"domains = progdom, posixdom\n" +"\n" +"[ifp]\n" +"user_attributes = +telefon\n" +"\n" +"[domain/posixdom]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"[application/progdom]\n" +"inherit_from = posixdom\n" +"ldap_user_extra_attrs = telefon:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" -msgstr "" +msgstr "Den lokala domänsektionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " "<replaceable>id_provider=local</replaceable>." msgstr "" +"Denna sektion innehåller inställningar för domänen som lagrar användare och " +"grupper i SSSD:s egna databas, det vill säga, en domän som använder " +"<replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" -msgstr "" +msgstr "default_shell (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" +"Standardskalet för användare som skapas med SSSD:s verktyg för " +"användarrymden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" -msgstr "" +msgstr "Standard: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" -msgstr "" +msgstr "base_directory (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" +"Verktygen lägger till inloggningsnamnet till <replaceable>base_directory</" +"replaceable> och använder det som hemkatalogen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" -msgstr "" +msgstr "Standard: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" -msgstr "" +msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" +"Indikera om en hemkatalog skall skapas som standard för nya användare. Kan " +"åsidosättas på kommandoraden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" -msgstr "" +msgstr "Standard: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" -msgstr "" +msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" +"Indikera om en hemkatalog skall tas bort som standard för raderade " +"användare. Kan åsidosättas på kommandoraden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" -msgstr "" +msgstr "homedir_umask (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " "on a newly created home directory." msgstr "" +"Används av <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> för att ange standardrättigheterna " +"på en nyskapad hemkatalog." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" -msgstr "" +msgstr "Standard: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" -msgstr "" +msgstr "skel_dir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" "manvolnum> </citerefentry>" msgstr "" +"Skelettkatalogen, som innehåller filer och kataloger som skall kopieras till " +"användarens hemkatalog, när hemkatalogen skapas av <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</manvolnum> </" +"citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" -msgstr "" +msgstr "Standard: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" -msgstr "" +msgstr "mail_dir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " "default value is used." msgstr "" +"Brevlådekatalogen. Detta behövs för att hantera brevlådan när det " +"motsvarande användarkontot ändras eller raderas. Om inte angivet används " +"ett standardvärde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" -msgstr "" +msgstr "Standard: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" -msgstr "" +msgstr "userdel_cmd (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " "return code of the command is not taken into account." msgstr "" +"Kommandot att köra efter att en användare tagits bort. Kommandot får " +"användarnamnet på användaren som tas bort som första och enda parameter. " +"Ingen hänsyn tas till returkoden från kommandot." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" -msgstr "" +msgstr "Standard: Inget, inget kommando körs" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" -msgstr "" +msgstr "SEKTIONEN BETRODDA DOMÄNER" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3785,66 +4692,74 @@ msgid "" "domain. Please refer to examples below for explanation. Currently supported " "options in the trusted domain section are:" msgstr "" +"Några alternativ som används i domänsektionen kan även användas i sektionen " +"för betrodda domäner, det vill säga, i en sektion som heter <quote>[domain/" +"<replaceable>DOMÄNNAMN</replaceable>/<replaceable>NAMN_PÅ_BETRODD_DOMÄN</" +"replaceable>]</quote>. Där DOMÄNNAMN är den aktuella basdomänen som " +"anslutits till. Se exempel nedan för förklaring. För närvarande stödda " +"alternativ i sektionen för betrodda domäner är:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," -msgstr "" +msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," -msgstr "" +msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," -msgstr "" +msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," -msgstr "" +msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," -msgstr "" +msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," -msgstr "" +msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," -msgstr "" +msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," -msgstr "" +msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" -msgstr "" +msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" +"För fler detaljer om dessa alternativ se deras individuella beskrivningar i " +"manualsidan." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" -msgstr "" +msgstr "EXEMPEL" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3872,26 +4787,55 @@ msgid "" "max_id = 20000\n" "enumerate = False\n" msgstr "" +"[sssd]\n" +"domains = LDAP\n" +"services = nss, pam\n" +"config_file_version = 2\n" +"\n" +"[nss]\n" +"filter_groups = root\n" +"filter_users = root\n" +"\n" +"[pam]\n" +"\n" +"[domain/LDAP]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"auth_provider = krb5\n" +"krb5_server = kerberos.example.com\n" +"krb5_realm = EXAMPLE.COM\n" +"cache_credentials = true\n" +"\n" +"min_id = 10000\n" +"max_id = 20000\n" +"enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " "configuring domains for more details. <placeholder type=\"programlisting\" " "id=\"0\"/>" msgstr "" +"1. Följande exempel visar en typisk SSSD-konfiguration. Den beskriver inte " +"konfigurationen av själva domänerna – se dokumentationen om att konfigurera " +"domäner för fler detaljer. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" "use_fully_qualified_names = false\n" msgstr "" +"[domain/ipa.se/barn.ad.se]\n" +"use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3900,16 +4844,21 @@ msgid "" "configuration should be used. <placeholder type=\"programlisting\" id=\"0\"/" ">" msgstr "" +"2. Följande exempel visar konfigurationen av IPA AD-förtroende i en förälder-" +"barn-struktur. Anta att IPA-domänen (ipa.se) har förtroende för AD-domänen " +"(ad.se). ad.se har en barndomän (barn.ad.se). För att aktivera kortnamn i " +"barndomänen skall följande konfiguration användas. <placeholder type=" +"\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 msgid "sssd-ldap" -msgstr "" +msgstr "sssd-ldap" #. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-ldap.5.xml:17 msgid "SSSD LDAP provider" -msgstr "" +msgstr "SSSD LDAP-leverantör" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:23 @@ -3920,11 +4869,16 @@ msgid "" "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> manual page for detailed syntax information." msgstr "" +"Denna manualsida beskriver beskriver konfigurationen av LDAP-domäner för " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. Se avsnittet <quote>FILFORMAT</quote> av manualsidan " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> för detaljerad syntaxinformation." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:35 msgid "You can configure SSSD to use more than one LDAP domain." -msgstr "" +msgstr "Du kan konfigurera SSSD för att använda mer än en LDAP-domän." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:38 @@ -3937,18 +4891,25 @@ msgid "" "<quote>ldap_access_filter</quote> config option for more information about " "using LDAP as an access provider." msgstr "" +"LDAP-bakändar stödjer leverantörer av id, autentisering, åtkomst och " +"lösenordsändring. Om du vill autentisera mot en LDAP-server krävs antingen " +"TLS/SSL eller LDAPS. <command>sssd</command> stödjer <emphasis>inte</" +"emphasis> autentisering över en okrypterad kanal. Om LDAP-servern används " +"endsat som en identitetsleverantör behövs inte en krypterad kanal. Se " +"konfigurationsalternativet <quote>ldap_access_filter</quote> för mer " +"information om att använda LDAP som en åtkomstleverantör." #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:81 sssd-ad.5.xml:115 #: sssd-krb5.5.xml:63 sssd-ifp.5.xml:44 sssd-files.5.xml:57 #: sssd-secrets.5.xml:120 sssd-session-recording.5.xml:58 sssd-kcm.8.xml:139 msgid "CONFIGURATION OPTIONS" -msgstr "" +msgstr "KONFIGURATIONSALTERNATIV" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 msgid "ldap_uri, ldap_backup_uri (string)" -msgstr "" +msgstr "ldap_uri, ldap_backup_uri (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:63 @@ -3959,32 +4920,39 @@ msgid "" "neither option is specified, service discovery is enabled. For more " "information, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" +"Anger en kommaseparerad lista av URI:er till LDAP-servrar till vilka SSSD " +"skall ansluta i prioritetsordning. Se avsnittet <quote>RESERVER</quote> för " +"mer information om reserver och serverredundans. Om ingendera alternativ är " +"angivet kommer tjänsteupptäckt användas. För mer information, se avsnittet " +"<quote>TJÄNSTEUPPTÄCKT</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:70 sssd-secrets.5.xml:264 msgid "The format of the URI must match the format defined in RFC 2732:" -msgstr "" +msgstr "Formatet på URI:n måste stämma med formatet som definieras i RFC 2732:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:73 msgid "ldap[s]://<host>[:port]" -msgstr "" +msgstr "ldap[s]://<värd>[:port]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:76 msgid "" "For explicit IPv6 addresses, <host> must be enclosed in brackets []" msgstr "" +"För explicita IPv6-adresser måste <host> vara omslutet av " +"hakparenteser []" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:79 msgid "example: ldap://[fc00::126:25]:389" -msgstr "" +msgstr "exempel: ldap://[fc00::126:25]:389" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:85 msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)" -msgstr "" +msgstr "ldap_chpass_uri, ldap_chpass_backup_uri (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:88 @@ -3994,26 +4962,32 @@ msgid "" "Refer to the <quote>FAILOVER</quote> section for more information on " "failover and server redundancy." msgstr "" +"Anger en kommaseparerad lista av URI:er till LDAP-servrar till vilka SSSD " +"skall ansluta i prioritetsordning för att ändra lösenordet för en " +"användare. Se avsnittet <quote>RESERVER</quote> för mer information om " +"reserver och serverredundans." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:95 msgid "To enable service discovery ldap_chpass_dns_service_name must be set." msgstr "" +"För att aktivera tjänsteuppslagning måste ldap_chpass_dns_service_name vara " +"satt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:99 msgid "Default: empty, i.e. ldap_uri is used." -msgstr "" +msgstr "Standard: tomt, d.v.s. ldap_uri används." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:105 msgid "ldap_search_base (string)" -msgstr "" +msgstr "ldap_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:108 msgid "The default base DN to use for performing LDAP user operations." -msgstr "" +msgstr "Standard bas-DN att använda för att utföra LDAP-användaroperationer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:112 @@ -4021,16 +4995,18 @@ msgid "" "Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " "syntax:" msgstr "" +"Med början med SSSD 1.7.0 stödjer SSSD flera sökbaser genom att använda " +"syntaxen:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:116 msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" +msgstr "sökbas[?räckvidd?[filter][?sökbas?räckvidd?[filter]]*]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:119 msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" +msgstr "Räckvidden kan vara en av ”base”, ”onelevel” eller ”subtree”." #. type: Content of: <listitem><para> #: sssd-ldap.5.xml:122 include/ldap_search_bases.xml:18 @@ -4038,12 +5014,14 @@ msgid "" "The filter must be a valid LDAP search filter as specified by http://www." "ietf.org/rfc/rfc2254.txt" msgstr "" +"Filtret måste vara ett korrekt LDAP-sökfilter som specificerat i http://www." +"ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" -msgstr "" +msgstr "Exempel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:129 @@ -4051,6 +5029,8 @@ msgid "" "ldap_search_base = dc=example,dc=com (which is equivalent to) " "ldap_search_base = dc=example,dc=com?subtree?" msgstr "" +"ldap_search_base = dc=example,dc=com (vilket är ekvivalent med) " +"ldap_search_base = dc=example,dc=com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:134 @@ -4058,6 +5038,8 @@ msgid "" "ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" "(host=thishost)?dc=example.com?subtree?" msgstr "" +"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" +"(host=thishost)?dc=example.com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:137 @@ -4067,6 +5049,9 @@ msgid "" "different search bases). This will lead to unpredictable behavior on client " "machines." msgstr "" +"Observera: det stödjs inte att ha flera sökbaser som refererar identiskt " +"namngivna objekt (till exempel, grupper med samma namn i två olika " +"sökbaser). Detta kommer medföra oförutsägbart beteende på klientmaskinerna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:144 @@ -4078,11 +5063,17 @@ msgid "" "the search base of the LDAP server to make this work. Multiple values are " "are not supported." msgstr "" +"Standard: om inte satt används värdet från attributet defaultNamingContext " +"eller namingContexts från RootDSE:n hos LDAP-servern. Om " +"defaultNamingContext inte finns eller har ett tomt värde används " +"namingContexts. Attributet namingContexts måste ha ett ensamt värde med DN:" +"n hos sökbasen hos LDAP-servern för att detta skall fungera. Flera värden " +"stödjs inte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:158 msgid "ldap_schema (string)" -msgstr "" +msgstr "ldap_schema (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:161 @@ -4091,31 +5082,34 @@ msgid "" "the selected schema, the default attribute names retrieved from the servers " "may vary. The way that some attributes are handled may also differ." msgstr "" +"Anger skematypen som används på mål-LDAP-servern. Beroende på det valda " +"schemat kan standardattributnamnen som hämtas från servrarna variera. " +"Sättet som en del attribut hanteras kan också skilja." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:168 msgid "Four schema types are currently supported:" -msgstr "" +msgstr "Fyra schematyper stödjs för närvarande:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:172 msgid "rfc2307" -msgstr "" +msgstr "rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:177 msgid "rfc2307bis" -msgstr "" +msgstr "rfc2307bis" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:182 msgid "IPA" -msgstr "" +msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:187 msgid "AD" -msgstr "" +msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:193 @@ -4127,515 +5121,623 @@ msgid "" "attribute. The AD schema type sets the attributes to correspond with Active " "Directory 2008r2 values." msgstr "" +"Den huvudsakliga skillnaden mellan dessa schematyper är hur gruppmedlemskap " +"lagras i servern. Med rfc2307 listas gruppmedlemskap med namn i attributet " +"<emphasis>memberUid</emphasis>. Med rfc2307bis och IPA listas " +"gruppmedlemskap av DN och lagras i attributet <emphasis>member</emphasis>. " +"AD-schematypen sätter attributen till att motsvara Active Directory 2008r2-" +"värden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:203 msgid "Default: rfc2307" -msgstr "" +msgstr "Standard: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" -msgstr "" +#, fuzzy +#| msgid "ldap_user_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_user_modify_timestamp (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 -msgid "The default bind DN to use for performing LDAP operations." +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "Fyra schematyper stödjs för närvarande:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Standard: gecos" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "ldap_default_bind_dn (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 +msgid "The default bind DN to use for performing LDAP operations." +msgstr "Standard bindning-DN att använda för att utföra LDAP-operationer." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" -msgstr "" +msgstr "ldap_default_authtok_type (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." -msgstr "" +msgstr "Typen på autentiseringstecknet hos standardbindnings-DN." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" -msgstr "" +msgstr "De två mekanismerna som stödjs för närvarande är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" -msgstr "" +msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" -msgstr "" +msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" -msgstr "" +msgstr "Standard: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" -msgstr "" +msgstr "ldap_default_authtok (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" +"Autentiseringstecknet hos standardbindnings-DN. Endast lösenord i klartext " +"stödjs för närvarande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" -msgstr "" +msgstr "ldap_user_object_class (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." -msgstr "" +msgstr "Objektklassen hos en användarpost i LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" -msgstr "" +msgstr "Standard: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" -msgstr "" +msgstr "ldap_user_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." -msgstr "" +msgstr "LDAP-attributet som motsvarar användarens inloggningsnamn." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" -msgstr "" +msgstr "Standard: uid (rfc2307, rfc2307bis och IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" -msgstr "" +msgstr "ldap_user_uid_number (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." -msgstr "" +msgstr "LDAP-attributet som motsvarar användarens id." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" -msgstr "" +msgstr "Standard: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" -msgstr "" +msgstr "ldap_user_gid_number (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." -msgstr "" +msgstr "LDAP-attributet som motsvarar användarens primära grupp-id." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" -msgstr "" +msgstr "Standard: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" -msgstr "" +msgstr "ldap_user_primary_group (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" "quote> provider with ID mapping." msgstr "" +"Active Directorys primära gruppattribut för ID-mappning. Observera att " +"detta attribut skall bara sättas manuellt om du kör <quote>ldap</quote>-" +"leverantören med ID-mappning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" -msgstr "" +msgstr "Standard: ej satt (LDAP), primaryGroupID (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" -msgstr "" +msgstr "ldap_user_gecos (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." -msgstr "" +msgstr "LDAP-attributet som motsvarar användarens gecos-fält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" -msgstr "" +msgstr "Standard: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" -msgstr "" +msgstr "ldap_user_home_directory (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." -msgstr "" +msgstr "LDAP-attributet som innehåller namnet på användarens hemkatalog." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" -msgstr "" +msgstr "Standard: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" -msgstr "" +msgstr "ldap_user_shell (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." -msgstr "" +msgstr "LDAP-attributet som innehåller sökvägen till användarens standardskal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" -msgstr "" +msgstr "Standard: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" -msgstr "" +msgstr "ldap_user_uuid (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." -msgstr "" +msgstr "LDAP-attributet som innehåller UUID/GUID för ett LDAP-användarobjekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" +"Standard: inte satt i det allmänna fallet, objectGUID för AD och ipaUniqueID " +"för IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" -msgstr "" +msgstr "ldap_user_objectsid (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" +"LDAP-attributet som innehåller objectSID för ett LDAP-användarobjekt. Detta " +"är normalt bara nödvändigt för Active Directory-servrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." -msgstr "" +msgstr "Standard: objectSid för Active Directory, inte satt för andra servrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" -msgstr "" +msgstr "ldap_user_modify_timestamp (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" +"LDAP-attributet som innehåller tidsstämpeln för den senaste ändringen av " +"föräldraobjektet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" -msgstr "" +msgstr "Standard: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" -msgstr "" +msgstr "ldap_user_shadow_last_change (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " "the last password change)." msgstr "" +"När ldap_pwd_policy=shadow används innehåller denna parameter namnet på ett " +"LDAP-attribut som utgör dess motsvarighet i <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> (tidpunkt för senaste lösenordsändring)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" -msgstr "" +msgstr "Standard: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" -msgstr "" +msgstr "ldap_user_shadow_min (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " "password age)." msgstr "" +"När ldap_pwd_policy=shadow används innehåller denna parameter namnet på ett " +"LDAP-attribut som utgör dess motsvarighet i <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> (minsta lösenordsålder)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" -msgstr "" +msgstr "Standard: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" -msgstr "" +msgstr "ldap_user_shadow_max (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " "password age)." msgstr "" +"När ldap_pwd_policy=shadow används innehåller denna parameter namnet på ett " +"LDAP-attribut som utgör dess motsvarighet i <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> (största lösenordsålder)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" -msgstr "" +msgstr "Standard: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" -msgstr "" +msgstr "ldap_user_shadow_warning (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password warning period)." msgstr "" +"När ldap_pwd_policy=shadow används innehåller denna parameter namnet på ett " +"LDAP-attribut som utgör dess motsvarighet i <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> (varningsperiod för lösenord)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" -msgstr "" +msgstr "Standard: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" -msgstr "" +msgstr "ldap_user_shadow_inactive (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " "(password inactivity period)." msgstr "" +"När ldap_pwd_policy=shadow används innehåller denna parameter namnet på ett " +"LDAP-attribut som utgör dess motsvarighet i <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> (inaktivitetsperiod för lösenord)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" -msgstr "" +msgstr "Standard: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" -msgstr "" +msgstr "ldap_user_shadow_expire (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " "<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry> counterpart (account expiration date)." msgstr "" +"När ldap_pwd_policy=shadow används innehåller denna parameter namnet på ett " +"LDAP-attribut som utgör dess motsvarighet i <citerefentry> " +"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> (tid då kontot går ut)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" -msgstr "" +msgstr "Standard: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" -msgstr "" +msgstr "ldap_user_krb_last_pwd_change (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " "kerberos." msgstr "" +"När ldap_pwd_policy=mit_kerberos används innehåller denna parameter namnet " +"på ett LDAP-attribut som lagrar dag och tid för senaste lösenordsändring i " +"kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" -msgstr "" +msgstr "Standard: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" -msgstr "" +msgstr "ldap_user_krb_password_expiration (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" +"När ldap_pwd_policy=mit_kerberos används innehåller denna parameter namnet " +"på ett LDAP-attribut som lagrar dag och tid när det nuvarande låsenordet går " +"ut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" -msgstr "" +msgstr "Standard: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" -msgstr "" +msgstr "ldap_user_ad_account_expires (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" +"När ldap_account_expire_policy=ad används innehåller denna parameter namnet " +"på ett LDAP-attribut som lagrar tidpunkten när kontot går ut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" -msgstr "" +msgstr "Standard: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" -msgstr "" +msgstr "ldap_user_ad_user_account_control (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" +"När ldap_account_expire_policy=ad används innehåller denna parameter namnet " +"på ett LDAP-attribut som lagrar användarkontots styrbitfält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" -msgstr "" +msgstr "Standard: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" -msgstr "" +msgstr "ldap_ns_account_lock (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" +"När ldap_account_expire_policy=rhds eller likvärdigt används avgör denna " +"parameter om åtkomst skall tillåtas eller inte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" -msgstr "" +msgstr "Standard: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" -msgstr "" +msgstr "ldap_user_nds_login_disabled (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" +"När ldap_account_expire_policy=nds används avgör detta attribut om åtkomst " +"skall tillåtas eller inte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" -msgstr "" +msgstr "Standard: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" -msgstr "" +msgstr "ldap_user_nds_login_expiration_time (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" +"När ldap_account_expire_policy=nds används avgör detta attribut till vilket " +"datum åtkomst tillåts." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" -msgstr "" +msgstr "ldap_user_nds_login_allowed_time_map (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" +"När ldap_account_expire_policy=nds används avgör detta attribut vilka timmar " +"på dagen i en vecka åtkomst tillåts." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" -msgstr "" +msgstr "Standard: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" -msgstr "" +msgstr "ldap_user_principal (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" +"LDAP-attributet som innehåller användarens användarhuvudmansnamn i Kerberos " +"(UPN)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" -msgstr "" +msgstr "Standard: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" -msgstr "" +msgstr "ldap_user_extra_attrs (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" +"Kommaseparerad lista av LDAP-attribut som SSSD skall hämta tillsammans med " +"den vanliga uppsättningen av användarattribut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4643,259 +5745,308 @@ msgid "" "verbatim. Using a custom SSSD attribute name might be required by " "environments that configure several SSSD domains with different LDAP schemas." msgstr "" +"Listan kan antingen innehålla endast LDAP-attributnamn, eller " +"kolonseparerade tupler av SSSD-cacheattribut och LDAP-attributnamn. Ifall " +"endast LDAP-attributnamn anges sparas attributet i cachen ordagrant. Att " +"använda ett anpassat SSSD-attributnamn kan vara nödvändigt i miljöer som " +"konfigurerar flera SSSD-domäner med olika LDAP-scheman." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " "reserved attribute names is used as an extra attribute name." msgstr "" +"Observera att flera attributnamn är reserverade av SSSD, speciellt " +"attributet <quote>name</quote>. SSSD rapporterar ett fel om något av de " +"reserverade attributnamnen används som ett extra attributnamn." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" -msgstr "" +msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" +"Spara attributet <quote>telephoneNumber</quote> från LDAP som " +"<quote>telephoneNumber</quote> i cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" -msgstr "" +msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" +"Spara attributet <quote>telephoneNumber</quote> från LDAP som <quote>phone</" +"quote> i cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" -msgstr "" +msgstr "ldap_user_ssh_public_key (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" +msgstr "LDAP-attributet som innehåller användarens publika SSH-nycklar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" -msgstr "" +msgstr "Standard: sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" -msgstr "" +msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " "fail. Set this option to a non-zero value if you want to use an upper-case " "realm." msgstr "" +"Några katalogservrar, till exempel Active Directory, kan leverera delen rike " +"av UPN:en i gemener, vilket kan få autentiseringen att misslyckas. Sätt " +"detta alternativ till ett värde skilt från noll ifall du vill använda ett " +"rike i versaler." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" -msgstr "" +msgstr "ldap_enumeration_refresh_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" +"Anger hur många sekunder SSSD måste vänta före den uppdaterar sin cache av " +"uppräknade poster." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" -msgstr "" +msgstr "ldap_purge_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " "space." msgstr "" +"Bestäm hur ofta cachen skall kontrolleras för inaktiva poster (såsom grupper " +"utan medlemmar och användare som aldrig har loggat in) och ta bort dem för " +"att spara utrymme." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " "to detect entries removed from the server and can't be disabled. By default, " "the cleanup task will run every 3 hours with enumeration enabled." msgstr "" +"Att sätta detta alternativ till noll kommer avaktivera rensningsoperationen " +"för cachen. Observera att om uppräkning är aktiverat krävs rensningsjobbet " +"för att upptäcka poster som tas bort från servern och inte kan avaktiveras. " +"Som standard kör rensningsjobbet var 3:e timma när uppräkning är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" -msgstr "" +msgstr "ldap_user_fullname (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." -msgstr "" +msgstr "LDAP-attributet som motsvarar användarens fullständiga namn." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" -msgstr "" +msgstr "Standard: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" -msgstr "" +msgstr "ldap_user_member_of (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." -msgstr "" +msgstr "LDAP-attributet som räknar upp användarens gruppmedlemskap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" -msgstr "" +msgstr "Standard: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" -msgstr "" +msgstr "ldap_user_authorized_service (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " "to determine access privilege." msgstr "" +"Om access_provider=ldap och ldap_access_order=authorized_service kommer SSSD " +"använda förekomsten av attributet authorizedService i användarens LDAP-post " +"för att avgöra åtkomstpriviligier." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" +"Ett explicit nekande (!svc) avgörs först. Därefter söker SSSD efter " +"explicit tillåtelse (svc) och slutligen efter allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " "ldap_user_authorized_service option to work." msgstr "" +"Observera att konfigurationsalternativet ldap_access_order <emphasis>måste</" +"emphasis> innehållla <quote>authorized_service</quote> för att alternativet " +"ldap_user_authorized_service skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" -msgstr "" +msgstr "Standard: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" -msgstr "" +msgstr "ldap_user_authorized_host (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " "privilege." msgstr "" +"Om access_provider=ldap och ldap_access_order=host kommer SSSD använda " +"förekomsten av attributet host i användarens LDAP-post för att avgöra " +"åtkomstpriviligier." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" +"Ett explicit nekande (!host) avgörs först. Därefter söker SSSD efter " +"explicit tillåtelse (host) och slutligen efter allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " "ldap_user_authorized_host option to work." msgstr "" +"Observera att konfigurationsalternativet ldap_access_order <emphasis>måste</" +"emphasis> innehållla <quote>host</quote> för att alternativet " +"ldap_user_authorized_host skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" -msgstr "" +msgstr "Standard: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" -msgstr "" +msgstr "ldap_user_authorized_rhost (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " "privilege. Similarly to host verification process." msgstr "" +"Om access_provider=ldap och ldap_access_order=rhost kommer SSSD använda " +"förekomsten av attributet rhost i användarens LDAP-post för att avgöra " +"åtkomstpriviligier." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" +"Ett explicit nekande (!rhost) avgörs först. Därefter söker SSSD efter " +"explicit tillåtelse (rhost) och slutligen efter allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " "ldap_user_authorized_rhost option to work." msgstr "" +"Observera att konfigurationsalternativet ldap_access_order <emphasis>måste</" +"emphasis> innehållla <quote>rhost</quote> för att alternativet " +"ldap_user_authorized_rhost skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" -msgstr "" +msgstr "Standard: rhost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" -msgstr "" +msgstr "ldap_user_certificate (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." -msgstr "" +msgstr "Namnet på LDAP-attributet som innehåller användarens X509-certifikat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" -msgstr "" +msgstr "Standard: userCertificate;binary" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" -msgstr "" +msgstr "ldap_user_email (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." -msgstr "" +msgstr "Namnet på LDAP-attributet som innehåller användarens e-postadress." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4903,108 +6054,114 @@ msgid "" "email address then set this option to a nonexistent attribute name in order " "to disable user lookup/login by email." msgstr "" +"Observera: om en e-postadress för användaren står i konflikt med en e-" +"postadress eller fullt kvalificerat namn för en annan användare, då kommer " +"SSSD inte kunna serva dessa användare ordentligt. Om flera användare av " +"något skäl behöver dela samma e-postadress, sätt då detta attributnamn till " +"ett som inte finns för att avaktivera uppslagning/inloggning av användare " +"via e-post." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" -msgstr "" +msgstr "Standard: mail" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" -msgstr "" +msgstr "ldap_group_object_class (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." -msgstr "" +msgstr "Objektklassen hos en gruppost i LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" -msgstr "" +msgstr "Standard: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -5012,34 +6169,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5047,7 +6204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5057,7 +6214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5067,17 +6224,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5085,14 +6242,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5100,7 +6257,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5109,12 +6266,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5122,172 +6279,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5295,95 +6452,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5391,7 +6548,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5399,12 +6556,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5412,12 +6569,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5428,12 +6585,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5442,12 +6599,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5456,34 +6613,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5491,14 +6648,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5506,17 +6663,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5526,12 +6683,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5539,17 +6696,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5557,13 +6714,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5572,7 +6729,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5580,26 +6737,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5607,7 +6764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5615,7 +6772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5623,41 +6780,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5666,32 +6823,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5699,24 +6856,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5724,17 +6881,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5745,29 +6902,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5780,7 +6937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5792,17 +6949,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5810,49 +6967,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5860,27 +7017,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5890,17 +7047,26 @@ msgid "" "discovery is enabled - for more information, refer to the <quote>SERVICE " "DISCOVERY</quote> section." msgstr "" +"Anger en kommaseparerad lista av IP-adresser eller värdnamn till " +"Kerberosservrar till vilka SSSD skall ansluta i prioritetsordning. För mer " +"information om reserver och serverredundans se avsnittet <quote>RESERVER</" +"quote>. Ett frivilligt portnummer (föregånget av ett kolon) kan läggas till " +"till adresserna eller värdnamnen. Om tomt aktiveras tjänsteupptäckt – för " +"mer information, se avsnittet <quote>TJÄNSTEUPPTÄCKT</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " "none are found." msgstr "" +"När tjänsteupptäckt används för KDC eller kpasswd-servrar söker SSSD först " +"efter DNS-poster som anger _udp som protokoll och provar sedan _tcp om inget " +"hittas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5908,39 +7074,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5950,7 +7116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5958,26 +7124,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5985,7 +7151,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5993,31 +7159,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6026,56 +7192,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" +"Anger tjänstenamnet som skall användas när tjänsteupptäckt är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" +"Anger tjänstenamnet att använda för att hitta en LDAP-server som tillåter " +"lösenordsändringar när tjänsteupptäckte är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" -msgstr "" +msgstr "Standard: inte satt, d.v.s. tjänsteupptäckt är avaktiverat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6091,12 +7260,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6105,14 +7274,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6121,24 +7290,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6146,19 +7315,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6167,7 +7336,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6175,7 +7344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6184,7 +7353,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6192,22 +7361,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6217,14 +7386,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6237,12 +7406,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6252,7 +7421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6262,63 +7431,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6327,74 +7496,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6405,7 +7574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6413,24 +7582,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6445,12 +7614,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6458,208 +7627,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6667,101 +7836,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6770,111 +7939,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6883,32 +8052,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6917,22 +8086,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6941,14 +8110,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6956,7 +8125,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6969,27 +8138,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7005,13 +8174,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7271,31 +8440,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7303,20 +8535,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8398,6 +9639,11 @@ msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" +"Den kommaseparerade listan av IP-adresser eller värdnamn till IPA-servrar " +"till vilka SSSD skall ansluta i prioritetsordning. För mer information om " +"reserver och serverredundans se avsnittet <quote>RESERVER</quote>. Detta är " +"frivilligt om autodiscovery är aktiverat. För mer information " +"tjänsteupptäckt, se avsnittet <quote>TJÄNSTEUPPTÄCKT</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:116 @@ -8413,7 +9659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8428,7 +9674,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8443,12 +9689,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8469,12 +9715,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8498,17 +9744,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8516,7 +9762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8528,7 +9774,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:221 sssd-ad.5.xml:213 msgid "Enables DNS sites - location based service discovery." -msgstr "" +msgstr "Aktiverar DNS-sajter – platsbaserat tjänsteupptäckt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:225 @@ -8541,9 +9787,16 @@ msgid "" "discovery are treated as primary servers and the IPA servers located using " "the traditional SRV discovery are used as back up servers" msgstr "" +"Om sant och tjänsteupptäckt (se stycket Tjänsteupptäckt i slutet av " +"manualsidan) är aktiverat kommer SSSD först att försöka med platsbaserad " +"upptäckt med en fråga som innehåller ”_location.hostname.example.com” och " +"sedan falla tillbaka på traditionell SRV-upptäckt. Om platsbaserad upptäckt " +"lyckas betraktas IPA-servrarna som lokaliserats med platsbaserad upptäckt " +"som primära servrar och IPA-servrarna som hittas med den traditionenlla SRV-" +"upptäckten används som backup-servrar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8556,12 +9809,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8580,50 +9833,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8734,26 +9987,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8772,7 +10025,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9389,6 +10642,9 @@ msgid "" "connect in order of preference. For more information on failover and server " "redundancy, see the <quote>FAILOVER</quote> section." msgstr "" +"Den kommaseparerade listan av värdnamn till AD-servrar till vilka SSSD skall " +"ansluta i prioritetsordning. För mer information om reserver och " +"serverredundans se avsnittet <quote>RESERVER</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:180 @@ -9396,6 +10652,8 @@ msgid "" "This is optional if autodiscovery is enabled. For more information on " "service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" +"Detta är frivilligt om automatupptäckt är aktiverat. För mer information om " +"tjänsteupptäckt se avsnittet <quote>TJÄNSTEUPPTÄCKT</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:185 @@ -9439,6 +10697,12 @@ msgid "" "DNS SRV configuration, including the discovery domain, is used during site " "discovery as well." msgstr "" +"Om sant och tjänsteupptäckt (se stycket Tjänsteupptäckt i slutet av " +"manualsidan) är aktiverat kommer SSSD först att försöka matt hitta en Active " +"Directory-server att ansluta till med Active Directory Site Discovery och " +"sedan falla tillbaka på traditionell SRV-upptäckt om ingen AD-sajt hittas. " +"Konfigurationen av DNS SRV, inklusive upptäcktsdomänen, används också under " +"sajtupptäckten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:233 @@ -9633,24 +10897,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: False" +msgid "Default: False (seconds)" +msgstr "Default: False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9658,14 +10945,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9673,7 +10960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9684,79 +10971,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9764,7 +11015,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9772,7 +11023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9780,7 +11031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9792,22 +11043,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9815,7 +11066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9823,7 +11074,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9831,7 +11082,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9843,22 +11094,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9866,14 +11117,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9881,7 +11132,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9892,18 +11143,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9911,14 +11168,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9926,7 +11183,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9937,19 +11194,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9957,7 +11214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9969,39 +11226,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -10009,12 +11256,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -10027,57 +11274,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10085,17 +11332,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10105,12 +11352,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10121,19 +11368,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10143,12 +11390,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10156,7 +11403,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10171,7 +11418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10180,7 +11427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10188,7 +11435,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10198,7 +11445,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -11240,6 +12487,12 @@ msgid "" "discovery is enabled; for more information, refer to the <quote>SERVICE " "DISCOVERY</quote> section." msgstr "" +"Anger en kommaseparerad lista av IP-adresser eller värdnamn till " +"Kerberosservrar till vilka SSSD skall ansluta, i prioritetsordning. För mer " +"information om reserver och serverredundans se avsnittet <quote>RESERVER</" +"quote>. Ett frivilligt portnummer (föregånget av ett kolon) kan läggas till " +"till adresserna eller värdnamnen. Om tomt aktiveras tjänsteupptäckt; för " +"mer information, se avsnittet <quote>TJÄNSTEUPPTÄCKT</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:106 @@ -11269,6 +12522,10 @@ msgid "" "servers to try, the backend is not switched to operate offline if " "authentication against the KDC is still possible." msgstr "" +"För mer information om reserver och serverredundans se avsnittet " +"<quote>RESERVER</quote>. OBSERVERA: även om det inte finns några fler " +"kpasswd-servrar att försöka med byter inte bakänden till att köra " +"frånkopplat om autenticering mot KDC:n fortfarande är möjligt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:129 @@ -12905,14 +14162,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GRUPPER</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -13057,10 +14308,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: false" msgid "Default: /etc/passwd" -msgstr "Standard: false" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 @@ -13077,13 +14326,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: true" msgid "Default: /etc/group" -msgstr "Standard: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 +#, fuzzy +#| msgid "" +#| "This section lists the available tunables. Please refer to their " +#| "description in the <citerefentry> <refentrytitle>sssd.conf</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, manual page. " +#| "<placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "In addition to the options listed below, generic SSSD domain options can be " "set where applicable. Refer to the section <quote>DOMAIN SECTIONS</quote> " @@ -13091,6 +14344,10 @@ msgid "" "manvolnum> </citerefentry> manual page for details on the configuration of " "an SSSD domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" +"Detta avsnitt listar tillgängliga trimningsvariabler. Se deras beskrivning " +"i manualsidan <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:105 @@ -14519,7 +15776,7 @@ msgstr "" #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" -msgstr "" +msgstr "TJÄNSTEUPPTÄCKT" #. type: Content of: <refsect1><para> #: include/service_discovery.xml:4 @@ -14528,6 +15785,9 @@ msgid "" "appropriate servers to connect to using a special DNS query. This feature is " "not supported for backup servers." msgstr "" +"Tjänsteupptäcktsfunktionen gör att bakändar automatiskt kan hitta en lämplig " +"server att ansluta till med en speciell DNS-fråga. Denna funktion stödjs " +"inte för backup-servrar." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:9 include/ldap_id_mapping.xml:99 @@ -14545,6 +15805,13 @@ msgid "" "prefers to use service discovery whenever possible, and fall back to a " "specific server when no servers can be discovered using DNS." msgstr "" +"Om inga servrar anges använder bakänden automatiskt tjänsteupptäckt för att " +"försöka hitta en server. Användaren kan om så önskas välja att använda både " +"en bestämd serveradress och tjänsteupptäckt genom att infoga ett speciellt " +"nyckelord, <quote>_srv_</quote>, i listan av servrar. Prefernsordningen " +"bibehålls. Denna funktion är användbar om, till exempel, användaren " +"föredrar att använda tjänsteupptäckt närhelst det är möjligt, och falla " +"tillbaka på en specifik server när inga servrar kan upptäckas med DNS." #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:23 @@ -14574,13 +15841,13 @@ msgstr "" #. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:42 msgid "See Also" -msgstr "" +msgstr "Se även" #. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:44 msgid "" "For more information on the service discovery mechanism, refer to RFC 2782." -msgstr "" +msgstr "För mer information om tjänsteupptäcktsmekanismen, se RFC 2782." #. type: Content of: <refentryinfo> #: include/upstream.xml:2 @@ -14588,16 +15855,18 @@ msgid "" "<productname>SSSD</productname> <orgname>The SSSD upstream - https://pagure." "io/SSSD/sssd/</orgname>" msgstr "" +"<productname>SSSD</productname> <orgname>SSSD uppströms – https://pagure.io/" +"SSSD/sssd/</orgname>" #. type: Content of: outside any tag (error?) #: include/upstream.xml:1 msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" -msgstr "" +msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>" #. type: Content of: <refsect1><title> #: include/failover.xml:2 msgid "FAILOVER" -msgstr "" +msgstr "RESERVER" #. type: Content of: <refsect1><para> #: include/failover.xml:4 @@ -14605,11 +15874,13 @@ msgid "" "The failover feature allows back ends to automatically switch to a different " "server if the current server fails." msgstr "" +"Reservfunktionen gör att bakändar automatiskt kan byta till en annan server " +"om den nuvarande servern slutar fungera." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:8 msgid "Failover Syntax" -msgstr "" +msgstr "Reservsyntax" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:10 @@ -14618,6 +15889,9 @@ msgid "" "is allowed around the comma. The servers are listed in order of preference. " "The list can contain any number of servers." msgstr "" +"Listand av servrar ges som en kommaseparerad lista; godtyckligt antal " +"mellanslag tillåts runt kommatecknet. Servrarna listas i preferensordning. " +"Listan kan innhålla obegränsat antal servrar." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:16 @@ -14630,11 +15904,18 @@ msgid "" "periodically try to reconnect to one of the primary servers. If it succeeds, " "it will replace the current active (backup) server." msgstr "" +"För varje reservaktiverad konfigurationsalternativ finns det två varianter: " +"<emphasis>primary</emphasis> och <emphasis>backup</emphasis>. Tanken är att " +"servrar i den primära listan föredras och backup-servrar bara provas om inga " +"primära servrar kan nås. Om en backup-server väljs sätts en tidsgräns på 31 " +"sekunder. Efter demma todsgräns kommer SSSD periodiskt att försöka " +"återansluta till en av de primära servrarna. Om det lyckas kommer den " +"ersätta den nu aktiva (backup-)servern." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:27 msgid "The Failover Mechanism" -msgstr "" +msgstr "Reservmekanismen" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:29 @@ -14649,6 +15930,15 @@ msgid "" "switches over to the next service. The machine is still considered online " "and might still be tried for another service." msgstr "" +"Reservmekanismen gör skillnad mellan en maskin och en tjänst. Bakänden " +"försöker först att slå upp värdnamnet för en given maskin; om denna " +"uppslagning misslyckas antas maskinen vara bortkopplad. Inga ytterligare " +"försök görs att ansluta till denna maskin för någon annan tjänst. Om " +"uppslagningsförsöket lyckas försöker bakänden ansluta till en tjänst på " +"denna maskin. OM tjänsteanslutningen misslyckas anses bara just denna " +"tjänst frånkopplad och bakänden byter automatiskt till nästa tjänst. " +"Maskinen betraktas fortfarande som uppkopplad och kan användas vid försök " +"att nå en annan tjänst." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:42 @@ -14657,6 +15947,9 @@ msgid "" "offline after a specified period of time; this is currently hard coded to 30 " "seconds." msgstr "" +"Ytterligare försök att ansluta görs till maskiner eller tjänster som " +"markerats som frånkopplade efter en viss tidsperiod, detta är för närvarande " +"hårdkodat till 30 sekunder." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:47 @@ -14664,11 +15957,13 @@ msgid "" "If there are no more machines to try, the back end as a whole switches to " "offline mode, and then attempts to reconnect every 30 seconds." msgstr "" +"Om det inte finns några fler maskiner att prova byter bakänden i sin helhet " +"till frånkopplat läge, och försöker sedan återansluta var 30:e sekund." #. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:53 msgid "Failover time outs and tuning" -msgstr "" +msgstr "Tidsgränser och trimning av reservfunktioner" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:55 @@ -14683,21 +15978,30 @@ msgid "" "timing out before a live server is contacted, you can consider changing the " "time outs." msgstr "" +"Att slå upp en server att ansluta till kan vara så enkelt som att göra en " +"enstaka DNS-fråga eller kan innebära flera steg, såsom att hitta den rätta " +"sajten eller försöka med flera värdnamn ifall några av de konfigurerade " +"servrarna inte kan nås. De mer komplexa scenariona kan ta en stund och SSSD " +"behöver balansera mellan att tillhandahålla tillräckligt med tid för att " +"färdigställa upplösningprocessen men å andra sidan inte försöka för länge " +"före den faller tillbaka på frånkopplat läge. Om SSSD:s felsökningloggar " +"visar att serverns upplösning överskrider tidsgränsen före en aktiv server " +"nås kan du överväga att ändra tidsgränserna." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:76 msgid "dns_resolver_op_timeout" -msgstr "" +msgstr "dns_resolver_op_timeout" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:80 msgid "How long would SSSD talk to a single DNS server." -msgstr "" +msgstr "Hur länge SSSD skall prata med en enskild DNS-server." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><term> #: include/failover.xml:86 msgid "dns_resolver_timeout" -msgstr "" +msgstr "dns_resolver_timeout" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: include/failover.xml:90 @@ -14706,6 +16010,9 @@ msgid "" "resolution internally might include several steps, such as resolving DNS SRV " "queries or locating the site." msgstr "" +"Hur länge skall SSSD försöka slå upp en reservtjänst. Denna " +"tjänsteuppslagning kan internt bestå av flera steg, såsom att slå upp DNS " +"SRV-frågor och lokalisera sajten." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:67 @@ -14715,6 +16022,10 @@ msgid "" "manvolnum> </citerefentry>, manual page. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" +"Detta avsnitt listar tillgängliga trimningsvariabler. Se deras beskrivning " +"i manualsidan <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:100 @@ -14725,11 +16036,16 @@ msgid "" "<quote>dns_resolver_timeout</quote> which in turn should be set to a larger " "value than <quote>dns_resolver_op_timeout</quote>." msgstr "" +"För LDAP-baserade leverantörer utförs uppslagningsoperationen som en del av " +"LDAP-anslutningsoperationen. Därför skall även tidsgränsen " +"<quote>ldap_opt_timeout></quote> sättas till ett större värde än " +"<quote>dns_resolver_timeout</quote> som i sin tur skall sättas till ett " +"större värde än <quote>dns_resolver_op_timeout</quote>." #. type: Content of: <refsect1><title> #: include/ldap_id_mapping.xml:2 msgid "ID MAPPING" -msgstr "" +msgstr "ID-MAPPNING" #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:4 @@ -14738,6 +16054,9 @@ msgid "" "without requiring administrators to extend user attributes to support POSIX " "attributes for user and group identifiers." msgstr "" +"ID-mappningsfunktionen låter SSD fungera som en klient till Active Directory " +"utan att kräva att administratörer utökar användarattribut till att stödja " +"POSIX-attribut för användar- och gruppidentifierare." #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:9 @@ -14747,6 +16066,10 @@ msgid "" "assigned and manually-assigned values. If you need to use manually-assigned " "values, ALL values must be manually-assigned." msgstr "" +"OBSERVERA: När ID-mappning aktiveras ignoreras attributen uidNumber och " +"gidNumber. Detta är för att undvika möjligheten av konflikt mellan " +"automatiskt tilldelade och manuellt tilldelade värden. Om du behöver " +"använda manuellt tilldelade värden måste ALLA värden tilldelas manuellt." #. type: Content of: <refsect1><para> #: include/ldap_id_mapping.xml:16 @@ -14761,6 +16084,15 @@ msgid "" "<refentrytitle>sss_cache</refentrytitle> <manvolnum>8</manvolnum> </" "citerefentry> to remove the database, rather the process consists of:" msgstr "" +"Observera att byte av ID-mappnings relaterade konfigurationsalternativ " +"kommer få användar- och grupp-ID:n att ändras. För närvarande stödjer inte " +"SSSD byte av ID:n, så SSSD-databasen moste tas bort. Eftersom cachade " +"lösenord också lagras i databasen skall databasen bara tas bort när " +"autentiseringsservrarna kan nås, annars kan användare låsas ute. För att " +"cacha lösenordet måste en autentisering göras. Det är inte tillräckligt att " +"använda <citerefentry> <refentrytitle>sss_cache</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> för att ta bort databasen, istället " +"består processen av:" #. type: Content of: <refsect1><para><itemizedlist><listitem><para> #: include/ldap_id_mapping.xml:33 @@ -15575,6 +16907,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/tg.po b/src/man/po/tg.po index b642e0e5635..427aef37e0e 100644 --- a/src/man/po/tg.po +++ b/src/man/po/tg.po @@ -5,9 +5,9 @@ # Translators: msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-15 12:10+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -17,7 +17,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -292,11 +292,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Пешфарз: true" @@ -315,16 +315,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Пешфарз: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -349,8 +349,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Пешфарз: 10" @@ -365,7 +365,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -445,7 +445,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -465,12 +465,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -478,39 +478,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -634,9 +634,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -828,7 +828,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -904,8 +904,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -965,8 +965,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1043,7 +1043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "Пешфарз: 50" @@ -1061,7 +1061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "Пешфарз: 15" @@ -1080,10 +1080,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 5400" msgid "Default: 14400 (4 hours)" -msgstr "Пешфарз: 5400" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1096,11 +1094,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1109,41 +1107,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "Пешфарз: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1151,23 +1149,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1175,47 +1173,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1223,112 +1221,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "Пешфарз: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1339,96 +1337,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "Пешфарз: 0 (Номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1436,59 +1434,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "Пешфарз: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "Пешфарз: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1497,61 +1495,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1559,7 +1557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1568,17 +1566,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1586,31 +1584,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "Пешфарз: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1620,74 +1618,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1695,19 +1693,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1715,12 +1713,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1728,82 +1726,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Пешфарз: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1814,24 +1893,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1841,22 +1920,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1864,51 +1943,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1917,24 +1996,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1945,7 +2024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1956,24 +2035,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1981,12 +2060,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1995,24 +2074,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2022,66 +2101,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2089,17 +2168,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2107,7 +2186,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2115,22 +2194,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2139,14 +2218,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2155,38 +2234,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2195,24 +2274,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2221,29 +2300,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "Пешфарз: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2257,14 +2336,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2273,39 +2352,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2314,19 +2393,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2337,151 +2416,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "Пешфарз: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2489,24 +2568,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2515,17 +2594,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "Пешфарз: 0 (номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2534,34 +2613,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2569,7 +2648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2577,8 +2656,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2587,8 +2666,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2596,19 +2675,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2617,7 +2696,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2625,22 +2704,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2652,7 +2731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2660,19 +2739,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2680,7 +2759,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2688,35 +2767,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2724,19 +2803,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2745,7 +2824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2753,29 +2832,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2783,7 +2862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2791,35 +2870,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2827,32 +2906,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2863,7 +2942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2872,12 +2951,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2885,7 +2964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2893,31 +2972,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2925,7 +3004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2934,17 +3013,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2952,43 +3031,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2996,7 +3075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3004,7 +3083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3012,24 +3091,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3037,12 +3116,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3052,7 +3131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3061,29 +3140,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3091,7 +3170,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3101,59 +3180,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3162,77 +3241,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Пешфарз: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3240,7 +3319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3248,17 +3327,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3266,34 +3345,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3301,32 +3380,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3336,34 +3415,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3371,12 +3450,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3384,26 +3463,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3411,7 +3544,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3420,7 +3553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3428,29 +3561,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3458,12 +3591,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3472,12 +3605,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3485,19 +3618,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3514,7 +3647,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3522,17 +3655,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3541,7 +3674,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3551,7 +3684,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3571,12 +3704,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3584,73 +3717,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "Пешфарз: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3658,17 +3791,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3677,17 +3810,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3695,17 +3828,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3713,17 +3846,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3734,64 +3867,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3821,7 +3954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3830,7 +3963,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3838,7 +3971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3987,7 +4120,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Намунаҳо:" @@ -4082,123 +4215,164 @@ msgstr "Пешфарз: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "Пешфарз: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "парол" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Пешфарз: парол" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4206,113 +4380,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4321,17 +4495,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4340,17 +4514,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4359,17 +4533,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4378,17 +4552,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4397,17 +4571,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4416,17 +4590,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4434,155 +4608,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4592,7 +4766,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4600,51 +4774,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4653,24 +4827,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4678,7 +4852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4687,43 +4861,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4731,14 +4905,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4746,17 +4920,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4764,14 +4938,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4779,17 +4953,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4797,14 +4971,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4812,37 +4986,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4852,106 +5026,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4959,34 +5133,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4994,7 +5168,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5004,7 +5178,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5014,17 +5188,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Пешфарз: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5032,14 +5206,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5047,7 +5221,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5056,12 +5230,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5069,172 +5243,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5242,95 +5416,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5338,7 +5512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5346,12 +5520,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5359,12 +5533,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5375,12 +5549,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5389,12 +5563,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5403,34 +5577,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5438,14 +5612,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5453,17 +5627,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5473,12 +5647,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5486,17 +5660,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5504,13 +5678,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5519,7 +5693,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5527,26 +5701,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5554,7 +5728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5562,7 +5736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5570,41 +5744,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5613,32 +5787,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5646,24 +5820,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5671,17 +5845,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5692,29 +5866,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5727,7 +5901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5739,17 +5913,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5757,49 +5931,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "Пешфарз: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5807,27 +5981,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5839,7 +6013,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5847,7 +6021,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5855,39 +6029,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5897,7 +6071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5905,26 +6079,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5932,7 +6106,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5940,31 +6114,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5973,56 +6147,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6038,12 +6212,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "Намуна:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6052,14 +6226,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6068,24 +6242,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6093,19 +6267,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6114,7 +6288,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6122,7 +6296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6131,7 +6305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6139,22 +6313,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6164,14 +6338,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6184,12 +6358,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6199,7 +6373,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6209,63 +6383,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6274,74 +6448,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6352,7 +6526,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6360,24 +6534,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6392,12 +6566,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6405,208 +6579,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6614,101 +6788,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6717,111 +6891,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6830,32 +7004,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6864,22 +7038,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6888,14 +7062,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "НАМУНА" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6903,7 +7077,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6916,27 +7090,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6952,13 +7126,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЭЗОҲҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7218,31 +7392,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7250,20 +7487,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8360,7 +8606,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8375,7 +8621,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8390,12 +8636,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8416,12 +8662,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8445,17 +8691,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8463,7 +8709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8490,7 +8736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8503,12 +8749,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8527,50 +8773,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8681,26 +8927,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8719,7 +8965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9580,24 +9826,47 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: false" +msgid "Default: False (seconds)" +msgstr "Пешфарз: false" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9605,14 +9874,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9620,7 +9889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9631,79 +9900,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9711,7 +9944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9719,7 +9952,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9727,7 +9960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9739,22 +9972,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9762,7 +9995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9770,7 +10003,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9778,7 +10011,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9790,22 +10023,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9813,14 +10046,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9828,7 +10061,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9839,18 +10072,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9858,14 +10097,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9873,7 +10112,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9884,19 +10123,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9904,7 +10143,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9916,39 +10155,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9956,12 +10185,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9974,57 +10203,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10032,17 +10261,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10052,12 +10281,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10068,19 +10297,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10090,12 +10319,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10103,7 +10332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10118,7 +10347,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10127,7 +10356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10135,7 +10364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10145,7 +10374,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12852,7 +13081,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> @@ -12998,10 +13227,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: password" msgid "Default: /etc/passwd" -msgstr "Пешфарз: парол" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 @@ -13018,10 +13245,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: true" msgid "Default: /etc/group" -msgstr "Пешфарз: true" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -15516,6 +15741,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid "" diff --git a/src/man/po/uk.po b/src/man/po/uk.po index 9f94ae249df..2751485c123 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -9,12 +9,13 @@ # Yuri Chornoivan <yurchor@ukr.net>, 2015. #zanata # Yuri Chornoivan <yurchor@ukr.net>, 2017. #zanata # Yuri Chornoivan <yurchor@ukr.net>, 2018. #zanata +# Yuri Chornoivan <yurchor@ukr.net>, 2019. #zanata msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" -"PO-Revision-Date: 2018-03-09 11:48+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" +"PO-Revision-Date: 2019-03-05 05:43+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/sssd/language/" "uk/)\n" @@ -24,7 +25,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -215,10 +216,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 -#, fuzzy -#| msgid "" -#| "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " -#| "(<quote>;</quote>). Inline comments are not supported." msgid "" "A comment line starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>). Inline comments are not supported." @@ -363,11 +360,11 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "Типове значення: true" @@ -389,16 +386,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "Типове значення: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -427,8 +424,8 @@ msgstr "" "самостійно." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "Типове значення: 10" @@ -443,7 +440,7 @@ msgid "The [sssd] section" msgstr "Розділ [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "Параметри розділу" @@ -545,7 +542,7 @@ msgstr "" "ASCII, дефісів, крапок та знаків підкреслювання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "re_expression (рядок)" @@ -571,12 +568,12 @@ msgstr "" "ДОМЕНІВ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "full_name_format (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -588,32 +585,32 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "ім’я користувача" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "назва домену у форматі, вказаному у файлі налаштувань SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -622,7 +619,7 @@ msgstr "" "Directory, налаштованих та автоматично виявлених за зв’язками довіри IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -789,9 +786,9 @@ msgstr "" "use_fully_qualified_names рівним False." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -890,10 +887,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:482 +#, fuzzy +#| msgid "" +#| "(NSS Version) This option must be used together with " +#| "ocsp_default_responder_signing_cert." msgid "" "This option must be used together with ocsp_default_responder_signing_cert." msgstr "" -"Цей параметр слід використовувати разом із параметром " +"(Версія з NSS) Цей параметр слід використовувати разом із параметром " "ocsp_default_responder_signing_cert." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> @@ -903,14 +904,19 @@ msgstr "ocsp_default_responder_signing_cert=НАЗВА" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:492 +#, fuzzy +#| msgid "" +#| "(NSS Version) The nickname of the cert to trust (expected) to sign the " +#| "OCSP responses. The certificate with the given nickname must be " +#| "available in the systems NSS database." msgid "" "The nickname of the cert to trust (expected) to sign the OCSP responses. " "The certificate with the given nickname must be available in the systems NSS " "database." msgstr "" -"Альтернативна назва сертифіката, якому слід довіряти (очікувано) для " -"підписування відповідей OCSP. Сертифікат із вказаною альтернативною назвою " -"має зберігатися у базі даних NSS системи." +"(Версія з NSS) Альтернативна назва сертифіката, якому слід довіряти " +"(очікувано) для підписування відповідей OCSP. Сертифікат із вказаною " +"альтернативною назвою має зберігатися у базі даних NSS системи." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:497 @@ -1009,20 +1015,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:563 -#, fuzzy -#| msgid "" -#| "Please, note that when this option is set the output format of all " -#| "commands is always fully-qualified even when using short names for " -#| "input. In case the administrator wants the output not fully-qualified, " -#| "the full_name_format option can be used as shown below: " -#| "<quote>full_name_format=%1$s</quote> However, keep in mind that during " -#| "login, login applications often canonicalize the username by calling " -#| "<citerefentry> <refentrytitle>getpwnam</refentrytitle> <manvolnum>3</" -#| "manvolnum> </citerefentry> which, if a shortname is returned for a " -#| "qualified input (while trying to reach a user which exists in multiple " -#| "domains) might re-route the login attempt into the domain which users " -#| "shortnames, making this workaround totally not recommended in cases where " -#| "usernames may overlap between domains." msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input, for all " @@ -1039,7 +1031,8 @@ msgid "" msgstr "" "Будь ласка, зауважте, що якщо встановлено цей параметр, для виведення даних " "усіма командами використовуватиметься повний формат, навіть якщо у вхідних " -"даних були скорочені назви. Якщо адміністратору потрібні скорочені дані у " +"даних були скорочені назви для усіх користувачів, окрім тих, які керуються " +"засобом надання даних файлів. Якщо адміністратору потрібні скорочені дані у " "виведенні, параметр full_name_format можна використати так: " "<quote>full_name_format=%1$s</quote> Втім, слід пам'ятати, що під час входу " "до облікового запису програми часто перетворюють ім'я користувача до " @@ -1052,7 +1045,7 @@ msgstr "" "різних доменах можуть бути однаковими." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "Типове значення: не встановлено" @@ -1149,8 +1142,8 @@ msgstr "" "до 10 секунд." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "Типове значення: 60" @@ -1227,8 +1220,8 @@ msgstr "" "і якщо служби активуються за допомогою або сокетів або D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "Типове значення: 300" @@ -1324,7 +1317,7 @@ msgstr "" "можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "Типове значення: 50" @@ -1345,7 +1338,7 @@ msgstr "" "даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "Типове значення: 15" @@ -1356,10 +1349,6 @@ msgstr "local_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:798 -#, fuzzy -#| msgid "" -#| "Specifies for how many seconds nss_sss should keep local users and groups " -#| "in negative cache before trying to look it up in the back end again." msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1367,14 +1356,13 @@ msgid "" msgstr "" "Визначає кількість секунд, протягом яких nss_sss має зберігати негативні " "результати пошуку у кеші користувачів і груп, перші ніж намагатися знову " -"шукати їх за допомогою модуля надання даних." +"шукати їх за допомогою модуля надання даних. Встановлення значення 0 вимикає " +"цю можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:804 -#, fuzzy -#| msgid "Default: 86400 (24 hours)" msgid "Default: 14400 (4 hours)" -msgstr "Типове значення: 86400 (24 години)" +msgstr "Типове значення: 14400 (4 години)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:809 @@ -1383,11 +1371,17 @@ msgstr "filter_users, filter_groups (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:812 +#, fuzzy +#| msgid "" +#| "Exclude certain users or groups from being fetched from the sss NSS " +#| "database. This is particularly useful for system accounts. This option " +#| "can also be set per-domain or include fully-qualified names to filter " +#| "only users from the particular domain." msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" "Виключити певних користувачів або групи зі списку отримання даних з бази " "даних NSS sss. Таке виключення може бути корисним для облікових записів " @@ -1396,7 +1390,7 @@ msgstr "" "обмеження списку користувачами лише з певного домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1410,17 +1404,17 @@ msgstr "" "відфільтрованої групи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "Типове значення: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1428,12 +1422,12 @@ msgstr "" "встановіть для цього параметра значення «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "fallback_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1442,7 +1436,7 @@ msgstr "" "каталог не вказано явним чином засобом надання даних домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1450,7 +1444,7 @@ msgstr "" "для параметра override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1460,25 +1454,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Типове значення: не встановлено (без замін для невстановлених домашніх " "каталогів)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "override_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1490,19 +1484,19 @@ msgstr "" "або для кожного з доменів окремо." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Типове значення: не встановлено (SSSD використовуватиме значення, отримане " "від LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "allowed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1510,13 +1504,13 @@ msgstr "" "визначення оболонки є таким:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Якщо оболонку вказано у <quote>/etc/shells</quote>, її буде використано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1526,7 +1520,7 @@ msgstr "" "shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1535,14 +1529,14 @@ msgstr "" "<quote>/etc/shells</quote>, буде використано оболонку nologin." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" "Для визначення будь-якої командної оболонки можна скористатися шаблоном " "заміни (*)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1554,12 +1548,12 @@ msgstr "" "справою." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "Порожній рядок оболонки буде передано без обробки до libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1568,29 +1562,29 @@ msgstr "" "тобто у разі встановлення нової оболонки слід перезапустити SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Типове значення: не встановлено. Автоматично використовується оболонка " "користувача." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "vetoed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Замінити всі записи цих оболонок на shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "shell_fallback (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1598,17 +1592,17 @@ msgstr "" "системі не встановлено." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "Типове значення: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1618,7 +1612,7 @@ msgstr "" "або на загальному рівні у розділі [nss], або окремо для кожного з доменів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1628,12 +1622,12 @@ msgstr "" "зазвичай /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1642,12 +1636,12 @@ msgstr "" "чинним." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "memcache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." @@ -1657,7 +1651,7 @@ msgstr "" "пам'яті." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." @@ -1666,7 +1660,7 @@ msgstr "" "варто користуватися лише для тестування." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1676,12 +1670,12 @@ msgstr "" "пам’яті." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "user_attributes (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1698,7 +1692,7 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше), але без типових значень." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." @@ -1707,19 +1701,19 @@ msgstr "" "на те, чи не встановлено його для відповідача NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" "Типове значення: не встановлено, резервне значення визначається за " "параметром InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "pwfield (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." @@ -1728,13 +1722,13 @@ msgstr "" "груп, для поля <quote>password</quote>." #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" "Значення цього параметра можна встановлювати для кожного з доменів окремо." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" @@ -1743,12 +1737,12 @@ msgstr "" "(файловий домен)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "Параметри налаштування PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1757,12 +1751,12 @@ msgstr "" "Authentication Module (PAM або блокового модуля розпізнавання)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1772,17 +1766,17 @@ msgstr "" "входу до системи)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1791,12 +1785,12 @@ msgstr "" "дозволену кількість спроб входу з визначенням помилкового пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1806,7 +1800,7 @@ msgstr "" "системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1818,17 +1812,17 @@ msgstr "" "увімкнути можливість автономного розпізнавання." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "Типове значення: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1837,43 +1831,43 @@ msgstr "" "розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "У поточній версії sssd передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "Типове значення: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "pam_response_filter (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1887,7 +1881,7 @@ msgstr "" "встановлювати за допомогою pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." @@ -1897,37 +1891,37 @@ msgstr "" "повідомлень." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "Не надсилати жодних змінних середовища до жодної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "ENV:назва_змінної" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "Не надсилати змінної середовища назва_змінної до жодної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "ENV:назва_змінної:служба" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "Не надсилати змінної середовища назва_змінної до вказаної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" @@ -1936,17 +1930,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "Приклад: ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1957,7 +1951,7 @@ msgstr "" "що розпізнавання виконується на основі найсвіжіших даних." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1971,18 +1965,18 @@ msgstr "" "надання даних профілів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" "Показати попередження за вказану кількість днів перед завершенням дії пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1993,7 +1987,7 @@ msgstr "" "попередження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2003,7 +1997,7 @@ msgstr "" "буде автоматично показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -2012,17 +2006,17 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> для окремого домену." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "Типове значення: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2038,13 +2032,13 @@ msgstr "" "під час запуску системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" "Типове значення: типово усі користувачі вважаються надійними (довіреними)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." @@ -2053,12 +2047,12 @@ msgstr "" "відповідача PAM, навіть якщо користувача немає у списку pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "pam_public_domains (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." @@ -2067,12 +2061,12 @@ msgstr "" "отримувати навіть ненадійні користувачі." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "Визначено два спеціальних значення параметра pam_public_domains:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -2080,7 +2074,7 @@ msgstr "" "PAM.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2089,18 +2083,18 @@ msgstr "" "відповідачі.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." @@ -2109,7 +2103,7 @@ msgstr "" "замінити типове повідомлення «Доступ заборонено» («Permission denied»)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." @@ -2119,7 +2113,7 @@ msgstr "" "(показувати усі повідомлення і діагностичні дані)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2129,12 +2123,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "pam_account_locked_message (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." @@ -2143,7 +2137,7 @@ msgstr "" "типове повідомлення «Доступ заборонено» («Permission denied»)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2153,12 +2147,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "pam_cert_auth (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2169,19 +2163,19 @@ msgstr "" "розпізнавання, типово таку сертифікацію вимкнено." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "Типове значення: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "pam_cert_db_path (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." @@ -2190,55 +2184,53 @@ msgstr "" "смарткартки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "Типове значення: 3" +msgstr "Типове значення:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 -#, fuzzy -#| msgid "Default: /etc/pki/nssdb (NSS version)" +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" -msgstr "Типове значення: /etc/pki/nssdb (версія NSS)" +msgstr "/etc/pki/nssdb (версія NSS, шлях до бази даних NSS)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" +"/etc/sssd/pki/sssd_auth_ca_db.pem (версія OpenSSL, шлях до файла із " +"довіреними сертифікатами служб сертифікації у форматі PEM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." -msgstr "" +msgstr "Цю сторінку підручника було створено для версії NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." -msgstr "" +msgstr "Цю сторінку підручника було створено для версії OpenSSL." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" "Час у секундах, протягом якого pam_sss очікуватиме на завершення роботи " "p11_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "pam_app_services (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2246,13 +2238,108 @@ msgstr "" "Визначає, яким службам PAM дозволено встановлювати з'єднання із доменами " "типу <quote>application</quote>" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "pam_p11_allowed_services (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" +"Список назв служб PAM, відокремлених комами, для яких буде дозволено " +"використання смарткарток." + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" +"Можна додати іншу назву служби PAM до типового набору за допомогою " +"конструкції «+назва_служби» або явним чином вилучити назву служби PAM з " +"типового набору за допомогою конструкції «-назва_служби». Наприклад, щоб " +"замінити типову назву служби PAM для розпізнавання за смарткарткою " +"(наприклад, «login») з нетиповою назвою служби PAM (наприклад, " +"«my_pam_service»), вам слід скористатися такими налаштуваннями: <placeholder " +"type=\"programlisting\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" +"Типове значення: типовий набір назв служб PAM складається з таких значень:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "login" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "su" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "su-l" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "gdm-smartcard" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "gdm-password" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "kdm" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "sudo" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "sudo-i" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "gnome-screensaver" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "Параметри налаштування SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2270,12 +2357,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "sudo_timed (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2284,12 +2371,12 @@ msgstr "" "призначені для визначення часових обмежень для записів sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2305,22 +2392,22 @@ msgstr "" "sudo IPA та групових пошуків команд." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "Параметри налаштування AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "Цими параметрами можна скористатися для налаштування служби autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2331,22 +2418,22 @@ msgstr "" "базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "Параметри налаштувань SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "Цими параметрами можна скористатися для налаштування служби SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2354,12 +2441,12 @@ msgstr "" "Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2368,43 +2455,36 @@ msgstr "" "файлі known_hosts після надсилання запиту щодо ключів вузла." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "Типове значення: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 -#, fuzzy -#| msgid "ldap_user_certificate (string)" +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" -msgstr "ldap_user_certificate (рядок)" +msgstr "ssh_use_certificate_keys (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 -#, fuzzy -#| msgid "" -#| "The skeleton directory, which contains files and directories to be copied " -#| "in the user's home directory, when the home directory is created by " -#| "<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" -#| "manvolnum> </citerefentry>" +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " "entry as well. See <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry> for details." msgstr "" -"Каркасний каталог, який містить файли і каталоги, які буде скопійовано до " -"домашнього каталогу користувача, коли такий домашній каталог створюється " -"командою <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " -"<manvolnum>8</manvolnum> </citerefentry>" +"Якщо встановлено значення true, <command>sss_ssh_authorizedkeys</command> " +"поверне ключі ssh, які походять від відкритого ключа сертифікатів X.509, які " +"також зберігаються у записі користувача. Докладніше про це на сторінці " +"підручника <citerefentry> <refentrytitle>sss_ssh_authorizedkeys</" +"refentrytitle> <manvolnum>1</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "ca_db (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -2413,12 +2493,12 @@ msgstr "" "перевірки сертифікатів користувачів до отримання з них відкритих ключів ssh." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "Параметри налаштування відповідача PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2436,7 +2516,7 @@ msgstr "" "декодовано і визначено, виконуються деякі з таких дій:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2454,7 +2534,7 @@ msgstr "" "параметра default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2463,18 +2543,18 @@ msgstr "" "додано до цих груп." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" "Цими параметрами можна скористатися для налаштовування відповідача PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "allowed_uids (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2485,14 +2565,14 @@ msgstr "" "іменами користувачів визначатимуться під час запуску." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Типове значення: 0 (доступ до відповідача PAC має лише адміністративний " "користувач (root))" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2506,12 +2586,12 @@ msgstr "" "запис 0." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -2520,12 +2600,12 @@ msgstr "" "використовувати для визначення членства користувача у групі." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "Параметри налаштовування запису сеансів" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2540,32 +2620,32 @@ msgstr "" "session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "Цими параметрами можна скористатися для налаштовування запису сеансів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "\"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "Користувачі не записуються." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "\"some\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -2574,17 +2654,17 @@ msgstr "" "<replaceable>користувачі</replaceable> і <replaceable>групи</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "\"all\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Усі користувачі записуються." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -2593,17 +2673,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2615,17 +2695,17 @@ msgstr "" "тощо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Типове значення: порожнє. Не відповідає жодному користувачу." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2637,7 +2717,7 @@ msgstr "" "символів тощо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2649,22 +2729,22 @@ msgstr "" "належить користувач." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Типове значення: порожнє. Не відповідає жодній групі." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "РОЗДІЛИ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "domain_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2677,7 +2757,7 @@ msgstr "" "з доменів POSIX." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -2686,7 +2766,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2698,7 +2778,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) і відповідача PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -2707,7 +2787,7 @@ msgstr "" "application з <quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -2716,17 +2796,17 @@ msgstr "" "ласка, ознайомтеся із розділом <quote>Домени програм</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "Типове значення: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -2735,7 +2815,7 @@ msgstr "" "відповідає цим обмеженням, його буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2748,7 +2828,7 @@ msgstr "" "основної групи і належать діапазону, буде виведено у звичайному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -2757,17 +2837,17 @@ msgstr "" "лише повернення записів за назвою або ідентифікатором." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "enumerate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2780,22 +2860,22 @@ msgstr "" "мати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = користувачі і групи нумеруються" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = не використовувати нумерацію для цього домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "Типове значення: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -2804,7 +2884,7 @@ msgstr "" "користувачів і груп із віддаленого сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2827,7 +2907,7 @@ msgstr "" "<quote>sssd_be</quote> або навіть перезапуску усього засобу стеження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -2837,7 +2917,7 @@ msgstr "" "завершено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2851,7 +2931,7 @@ msgstr "" "відповідного використаного засобу обробки ідентифікаторів (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -2860,32 +2940,32 @@ msgstr "" "об’ємних середовищах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "Усі виявлені надійні домени буде пронумеровано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "Нумерація виявлених надійних доменів не виконуватиметься" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2898,12 +2978,12 @@ msgstr "" "доменів, для яких буде увімкнено нумерацію." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -2912,7 +2992,7 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2929,17 +3009,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "Типове значення: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -2948,19 +3028,19 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "Типове значення: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -2969,12 +3049,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -2983,12 +3063,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -2997,12 +3077,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3011,12 +3091,12 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3025,12 +3105,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3040,12 +3120,12 @@ msgstr "" "вузла у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3055,7 +3135,7 @@ msgstr "" "вичерпано або майже вичерпано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" @@ -3063,42 +3143,42 @@ msgstr "" "груп та мережевих груп у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Варто визначити для цього параметра значення 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "Типове значення: 0 (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "cache_credentials (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Визначає, чи слід також кешувати реєстраційні дані користувача у локальному " "кеші LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у " "форматі звичайного тексту" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3110,7 +3190,7 @@ msgstr "" "контрольної суми SHA512 у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -3120,17 +3200,17 @@ msgstr "" "мішенню атак із перебиранням паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "Типове значення: 8" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3143,17 +3223,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3166,17 +3246,17 @@ msgstr "" "даних розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "id_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3184,38 +3264,32 @@ msgstr "" "Серед підтримуваних засобів такі:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 -#, fuzzy -#| msgid "<quote>proxy</quote>: Support a legacy NSS provider" +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "«proxy»: підтримка застарілого модуля надання даних NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 -#, fuzzy -#| msgid "<quote>local</quote>: SSSD internal provider for local users" +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." -msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів" +msgstr "" +"<quote>local</quote>: вбудований засіб SSSD для локальних користувачів " +"(ЗАСТАРІЛИЙ)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 -#, fuzzy -#| msgid "" -#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> " -#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> for more information on configuring LDAP." +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " "information on how to mirror local users and groups into SSSD." msgstr "" -"<quote>ldap</quote>: засіб LDAP. Докладніше про налаштовування LDAP можна " -"дізнатися з довідки до <citerefentry> <refentrytitle>sssd-ldap</" +"<quote>files</quote>: засіб надання даних FILES. Докладніше про те, як " +"працює віддзеркалення локальних користувачів і груп у SSSD, можна дізнатися " +"зі сторінки підручника <citerefentry> <refentrytitle>sssd-files</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3226,8 +3300,8 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3240,8 +3314,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3253,12 +3327,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3268,7 +3342,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3281,7 +3355,7 @@ msgstr "" "не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3292,22 +3366,22 @@ msgstr "" "груп, якщо задано неповну назву, буде виконано пошук у всіх доменах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "Типове значення: FALSE (TRUE, якщо використано default_domain_suffix)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "Не повертати записи учасників груп для пошуків груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3326,7 +3400,7 @@ msgstr "" "$groupname</quote> поверне запитану групу так, наче вона була порожня." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3337,12 +3411,12 @@ msgstr "" "учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "auth_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3351,7 +3425,7 @@ msgstr "" "служб розпізнавання:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3363,7 +3437,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3375,23 +3449,23 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3400,12 +3474,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "access_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3416,7 +3490,7 @@ msgstr "" "Вбудованими програмами є:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3425,12 +3499,12 @@ msgstr "" "доступу для локального домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — завжди забороняти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3443,7 +3517,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3455,24 +3529,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> — для трансляції керування доступом до іншого модуля " "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "Типове значення: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "chpass_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -3481,7 +3555,7 @@ msgstr "" "підтримку таких систем зміни паролів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3493,7 +3567,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3505,18 +3579,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -3525,19 +3599,19 @@ msgstr "" "цього параметра і якщо система здатна обробляти запити щодо паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "sudo_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Служба SUDO, яку використано для цього домену. Серед підтримуваних служб " "SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3549,7 +3623,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -3558,7 +3632,7 @@ msgstr "" "параметрами IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -3567,20 +3641,20 @@ msgstr "" "параметрами AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> явним чином вимикає SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Типове значення: використовується значення <quote>id_provider</quote>, якщо " "його встановлено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3599,7 +3673,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3613,12 +3687,12 @@ msgstr "" "sudo у SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "selinux_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3629,7 +3703,7 @@ msgstr "" "доступу. Передбачено підтримку таких засобів надання даних SELinux:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3641,14 +3715,14 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> явним чином забороняє отримання даних щодо параметрів " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -3657,12 +3731,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо завантаження SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "subdomains_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -3672,7 +3746,7 @@ msgstr "" "підтримку таких засобів надання даних піддоменів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3684,7 +3758,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3697,17 +3771,17 @@ msgstr "" "налаштовування засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "session_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3719,14 +3793,14 @@ msgstr "" "постачальники даних сеансів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote>, щоб дозволити пов'язані із сеансами користувачів " "завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -3734,7 +3808,7 @@ msgstr "" "користувачів завдань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -3743,7 +3817,7 @@ msgstr "" "його встановлено і дозволено виконувати пов'язані із сеансами завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." @@ -3753,12 +3827,12 @@ msgstr "" "непривілейованого користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "autofs_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -3766,7 +3840,7 @@ msgstr "" "autofs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3778,7 +3852,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3790,7 +3864,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3802,17 +3876,17 @@ msgstr "" "надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> вимикає autofs повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "hostid_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -3821,7 +3895,7 @@ msgstr "" "вузла. Серед підтримуваних засобів надання hostid:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3833,12 +3907,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> вимикає hostid повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3852,7 +3926,7 @@ msgstr "" "IPA та доменів Active Directory, простій назві (NetBIOS) домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3865,22 +3939,22 @@ msgstr "" "різні стилі запису імен користувачів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "користувач@назва.домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "домен\\користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -3889,7 +3963,7 @@ msgstr "" "того, щоб полегшити інтеграцію користувачів з доменів Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3900,7 +3974,7 @@ msgstr "" "домену — все після цього символу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3908,19 +3982,25 @@ msgid "" "consider changing the re_expression value to: <quote>((?P<name>.+)@(?" "P<domain>[^@]+$))</quote>." msgstr "" +"Зауваження: у деяких групах Active Directory, типово, тих, які " +"використовуються для MS Exchange, назви містять символ <quote>@</quote>. " +"Такі назви конфліктують із типовим значенням re_expression для надавачів " +"даних AD та IPA. Щоб забезпечити підтримку таких груп, варто змінити " +"значення re_expression на таке: <quote>((?P<name>.+)@(?P<domain>" +"[^@]+$))</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Типове значення: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "lookup_family_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -3929,48 +4009,48 @@ msgstr "" "під час виконання пошуків у DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "Передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі " "спробувати формат IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі " "спробувати формат IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "Типове значення: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3983,7 +4063,7 @@ msgstr "" "роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -3992,18 +4072,18 @@ msgstr "" "більше про розв'язування питань, пов'язаних із службами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "Типове значення: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4012,54 +4092,54 @@ msgstr "" "частину запиту визначення служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Типова поведінка: використовувати назву домену з назви вузла комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "override_gid (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "Замірити значення основного GID на вказане." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "case_sensitive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" "Враховується регістр. Це значення є некоректним для засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "Без врахування регістру." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4071,28 +4151,35 @@ msgstr "" "буде переведено у нижній регістр." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 +#, fuzzy +#| msgid "" +#| "Treat user and group names as case sensitive. <phrase condition=" +#| "\"enable_local_provider\"> At the moment, this option is not supported in " +#| "the local provider. </phrase> Possible option values are: <placeholder " +#| "type=\"variablelist\" id=\"0\"/>" msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Враховувати регістр записів імен користувачів та назв груп. У поточній " -"версії підтримку передбачено лише для локальних надавачів даних. Можливі " -"значення параметра: <placeholder type=\"variablelist\" id=\"0\"/>" +"Враховувати регістр записів імен користувачів та назв груп. <phrase " +"condition=\"enable_local_provider\"> У поточній версії підтримку передбачено " +"лише для локальних надавачів даних. </phrase> Можливі значення параметра: " +"<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "Типове значення: True (False для засобу надання даних AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4104,27 +4191,27 @@ msgstr "" "параметрів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -4133,7 +4220,7 @@ msgstr "" "ldap_krb5_keytab не встановлено явним чином)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4143,33 +4230,33 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Зауваження: цей параметр працює лише для засобів надання даних IPA і AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "спрощена (NetBIOS) назва піддомену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4184,7 +4271,7 @@ msgstr "" "emphasis>. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -4192,17 +4279,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Типове значення: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "realmd_tags (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -4210,12 +4297,12 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4226,12 +4313,12 @@ msgstr "" "реєстраційних даних, доки SSSD перебуває у режимі «у мережі»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "Спеціальне значення 0 означає, що цю можливість вимкнено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4242,22 +4329,85 @@ msgstr "" "обробки <quote>initgroups</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "auto_private_groups (рядок)" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +#, fuzzy +#| msgid "" +#| "If this option is enabled, SSSD will automatically create user private " +#| "groups based on user's UID number. The GID number is ignored in this case." msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." msgstr "" "Якщо увімкнено цей параметр, SSSD автоматично створюватиме приватні групи " "користувачів на основі номера UID користувача. Номер GID у цьому випадку " "ігноруватиметься." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +#, fuzzy +#| msgid "False" +msgid "false" +msgstr "False" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:2984 +#, fuzzy +#| msgid "" +#| "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>" +msgid "" +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "Доступні варіанти: <placeholder type=\"variablelist\" id=\"0\"/>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." @@ -4266,7 +4416,7 @@ msgstr "" "домену успадковується у піддомені." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -4277,7 +4427,7 @@ msgstr "" "впливатиме на піддомен." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4290,7 +4440,7 @@ msgstr "" "примусово встановлює унікальність записів у просторі ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4301,17 +4451,17 @@ msgstr "" "quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "Комп’ютер, для якого виконує проксі-сервер PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -4320,12 +4470,12 @@ msgstr "" "налаштуваннями pam або створити нові і тут додати назву служби." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4336,12 +4486,12 @@ msgstr "" "наприклад _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4356,12 +4506,12 @@ msgstr "" "у кеші, щоб пришвидшити надання результатів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4373,7 +4523,7 @@ msgstr "" "використання черги запитів." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -4382,12 +4532,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "Домени програм (application)" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4415,7 +4565,7 @@ msgstr "" "який може успадковувати параметр з традиційного домену SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4426,17 +4576,17 @@ msgstr "" "його доменом-близнюком у POSIX має бути встановлено належним чином." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "Параметри доменів програм" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "inherit_from (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4448,7 +4598,7 @@ msgstr "" "розширюють або перевизначають параметри домену-<quote>близнюка</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4463,7 +4613,7 @@ msgstr "" "у кеші і робить атрибут phone доступним через інтерфейс D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -4497,12 +4647,12 @@ msgstr "" "ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "Розділ локального домену" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -4513,29 +4663,29 @@ msgstr "" "використовує <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "default_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Типова оболонка для записів користувачів, створених за допомогою " "інструментів простору користувачів SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "Типове значення: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "base_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -4544,17 +4694,17 @@ msgstr "" "replaceable> і використовують отриману адресу як адресу домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "Типове значення: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "create_homedir (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -4563,17 +4713,17 @@ msgstr "" "Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "Типове значення: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "remove_homedir (булівське значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -4582,12 +4732,12 @@ msgstr "" "користувачів. Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "homedir_umask (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -4598,17 +4748,17 @@ msgstr "" "до щойно створеного домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "Типове значення: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "skel_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -4621,17 +4771,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "Типове значення: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "mail_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -4642,17 +4792,17 @@ msgstr "" "каталог не вказано, буде використано типове значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "Типове значення: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "userdel_cmd (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -4663,17 +4813,17 @@ msgstr "" "вилучається. Код виконання, повернутий програмою не обробляється." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "Типове значення: None, не виконувати жодних команд" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "РОЗДІЛ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4691,52 +4841,52 @@ msgstr "" "такі параметри:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -4745,12 +4895,12 @@ msgstr "" "підручника." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "ПРИКЛАДИ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -4804,7 +4954,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -4817,7 +4967,7 @@ msgstr "" "\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -4827,7 +4977,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5017,7 +5167,7 @@ msgstr "" "специфікації http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "Приклади:" @@ -5136,53 +5286,98 @@ msgstr "Типове значення: rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 +#, fuzzy +#| msgid "ldap_group_modify_timestamp (string)" +msgid "ldap_pwmodify_mode (string)" +msgstr "ldap_group_modify_timestamp (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +#, fuzzy +#| msgid "Four schema types are currently supported:" +msgid "Two modes are currently supported:" +msgstr "У поточній версії передбачено підтримку чотирьох типів схем:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: gecos" +msgid "Default: exop" +msgstr "Типове значення: gecos" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:212 +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Типова назва домену прив’язки, яку слід використовувати для виконання дій " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "Тип розпізнавання для типової назви сервера прив’язки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "У поточній версії передбачено підтримку двох механізмів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "Типове значення: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." @@ -5191,72 +5386,72 @@ msgstr "" "передбачено підтримку лише паролів у форматі звичайного тексту." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "ldap_user_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "Клас об’єктів запису користувача у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "Типове значення: posixAccount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "ldap_user_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "Атрибут LDAP, що відповідає назві облікового запису користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "Типове значення: uid (rfc2307, rfc2307bis і IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "ldap_user_uid_number (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "Атрибут LDAP, що відповідає ідентифікатору користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "Типове значення: uidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "ldap_user_gid_number (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "Типове значення: gidNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "ldap_user_primary_group (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -5268,68 +5463,68 @@ msgstr "" "до ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "Типове значення: unset (LDAP), primaryGroupID (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "ldap_user_gecos (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "Атрибут LDAP, що відповідає полю gecos користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "Типове значення: gecos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "ldap_user_home_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "Атрибут LDAP, що містить назву домашнього каталогу користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "Типове значення: homeDirectory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "ldap_user_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" "Атрибут LDAP, що містить шлях до типової командної оболонки користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "Типове значення: loginShell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "ldap_user_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта користувача LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" @@ -5338,12 +5533,12 @@ msgstr "" "ipaUniqueID для IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "ldap_user_objectsid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." @@ -5352,19 +5547,19 @@ msgstr "" "потрібен лише для серверів ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" "Типове значення: objectSid для ActiveDirectory, не встановлено для інших " "серверів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -5373,17 +5568,17 @@ msgstr "" "об’єкта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "Типове значення: modifyTimestamp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "ldap_user_shadow_last_change (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5396,17 +5591,17 @@ msgstr "" "citerefentry> (дати останньої зміни пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "Типове значення: shadowLastChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "ldap_user_shadow_min (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5419,17 +5614,17 @@ msgstr "" "citerefentry> (мінімального віку пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "Типове значення: shadowMin" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "ldap_user_shadow_max (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5442,17 +5637,17 @@ msgstr "" "citerefentry> (максимального віку пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "Типове значення: shadowMax" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "ldap_user_shadow_warning (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5465,17 +5660,17 @@ msgstr "" "citerefentry> (проміжку попередження щодо пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "Типове значення: shadowWarning" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "ldap_user_shadow_inactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -5488,17 +5683,17 @@ msgstr "" "citerefentry> (тривалості періоду невикористання пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "Типове значення: shadowInactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "ldap_user_shadow_expire (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -5512,17 +5707,17 @@ msgstr "" "строку дії пароля)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "Типове значення: shadowExpire" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "ldap_user_krb_last_pwd_change (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -5533,17 +5728,17 @@ msgstr "" "у kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "Типове значення: krbLastPwdChange" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "ldap_user_krb_password_expiration (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." @@ -5553,17 +5748,17 @@ msgstr "" "поточного пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "Типове значення: krbPasswordExpiration" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "ldap_user_ad_account_expires (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." @@ -5573,17 +5768,17 @@ msgstr "" "облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "Типове значення: accountExpires" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "ldap_user_ad_user_account_control (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." @@ -5593,17 +5788,17 @@ msgstr "" "облікового запису користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "Типове значення: userAccountControl" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "ldap_ns_account_lock (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." @@ -5612,17 +5807,17 @@ msgstr "" "цей параметр визначає, заборонено чи дозволено доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "Типове значення: nsAccountLock" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "ldap_user_nds_login_disabled (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." @@ -5631,17 +5826,17 @@ msgstr "" "чи заборонено доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "Типове значення: loginDisabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "ldap_user_nds_login_expiration_time (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." @@ -5650,12 +5845,12 @@ msgstr "" "якої надано доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "ldap_user_nds_login_allowed_time_map (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." @@ -5664,17 +5859,17 @@ msgstr "" "тижня, коли надається доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "Типове значення: loginAllowedTimeMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "ldap_user_principal (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." @@ -5682,17 +5877,17 @@ msgstr "" "Атрибут LDAP, що містить Kerberos User Principal Name (UPN) користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "Типове значення: krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "ldap_user_extra_attrs (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." @@ -5701,7 +5896,7 @@ msgstr "" "звичайним набором атрибутів запису користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -5716,7 +5911,7 @@ msgstr "" "де налаштовано декілька доменів SSSD з різними схемами LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -5727,12 +5922,12 @@ msgstr "" "назв атрибутів використано як назву додаткового атрибута." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "ldap_user_extra_attrs = telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." @@ -5740,39 +5935,39 @@ msgstr "" "Зберегти атрибут «telephoneNumber» з LDAP як «telephoneNumber» до кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "ldap_user_extra_attrs = phone:telephoneNumber" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "Зберегти атрибут «telephoneNumber» з LDAP як «phone» до кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "ldap_user_ssh_public_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "Атрибут LDAP, який містить відкриті ключі SSH користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "Типове значення: sshPublicKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5786,12 +5981,12 @@ msgstr "" "області у верхньому регістрі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -5800,12 +5995,12 @@ msgstr "" "свого кешу нумерованих записів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5816,7 +6011,7 @@ msgstr "" "цих записів з метою економії місця." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5830,43 +6025,43 @@ msgstr "" "кожні 3 години." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "ldap_user_fullname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "Атрибут LDAP, що відповідає повному імені користувача." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "Типове значення: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "ldap_user_member_of (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "Атрибут LDAP зі списком груп, у яких бере участь користувач." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "Типове значення: memberOf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "ldap_user_authorized_service (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -5877,7 +6072,7 @@ msgstr "" "LDAP для визначення прав доступу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." @@ -5886,7 +6081,7 @@ msgstr "" "(svc) і нарешті загальні дозволи або allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -5897,17 +6092,17 @@ msgstr "" "система змогла скористатися параметром ldap_user_authorized_service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "Типове значення: authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "ldap_user_authorized_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -5918,7 +6113,7 @@ msgstr "" "доступу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." @@ -5927,7 +6122,7 @@ msgstr "" "(host) і нарешті загальні дозволи або allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -5938,17 +6133,17 @@ msgstr "" "скористатися параметром ldap_user_authorized_host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "Типове значення: host" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "ldap_user_authorized_rhost (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -5959,7 +6154,7 @@ msgstr "" "доступу. Те саме стосується і процесу перевірки вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." @@ -5968,7 +6163,7 @@ msgstr "" "(rhost) і нарешті загальні дозволи або allow_all (*)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -5979,38 +6174,38 @@ msgstr "" "скористатися параметром ldap_user_authorized_rhost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "Типове значення: rhost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "ldap_user_certificate (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "Назва атрибута LDAP, що містить сертифікат X509 користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "Типове значення: userCertificate;binary" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "ldap_user_email (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" "Назва атрибута LDAP, який містить адресу електронної пошти користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -6026,82 +6221,82 @@ msgstr "" "вхід до системи за адресою електронної пошти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "Типове значення: mail" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "ldap_group_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "Клас об’єктів запису групи у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "Типове значення: posixGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "ldap_group_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "Атрибут LDAP, що відповідає назві групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "Типове значення: cn (rfc2307, rfc2307bis і IPA), sAMAccountName (AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "ldap_group_gid_number (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "Атрибут LDAP, що відповідає ідентифікатору групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "ldap_group_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "Атрибут LDAP, у якому містяться імена учасників групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "Типове значення: memberuid (rfc2307) / member (rfc2307bis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "ldap_group_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта групи LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "ldap_group_objectsid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." @@ -6110,17 +6305,17 @@ msgstr "" "лише для серверів ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "ldap_group_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "ldap_group_type (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." @@ -6129,7 +6324,7 @@ msgstr "" "можливо, інші прапорці." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -6140,19 +6335,19 @@ msgstr "" "відфільтровано у списку надійних (довірених) доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" "Типове значення: groupType у засобі надання даних AD, у інших засобах не " "встановлено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "ldap_group_external_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." @@ -6162,19 +6357,19 @@ msgstr "" "записів учасників IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" "Типове значення: ipaExternalMember у засобі надання даних IPA, у інших " "засобах не визначено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6186,7 +6381,7 @@ msgstr "" "параметра буде проігноровано, якщо використано схему RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6202,7 +6397,7 @@ msgstr "" "початкового пошуку, якщо запити щодо пошуку надходять повторно." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6218,80 +6413,64 @@ msgstr "" "обмеження вкладеності у групах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "Типове значення: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 +#, fuzzy +#| msgid "ldap_group_search_base" msgid "ldap_groups_use_matching_rule_in_chain" -msgstr "ldap_groups_use_matching_rule_in_chain" +msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " "complex or deep nested groups." msgstr "" -"За допомогою цього параметра можна наказати SSSD скористатися перевагами " -"специфічної для Active Directory можливості, яка надає змогу пришвидшити дії " -"з пошуку груп у мережах зі складною системою груп або системою груп з " -"високим рівнем вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" -"Здебільшого, не варто вмикати цю можливість. Пришвидшення за її допомогою " -"можна буде спостерігати лише у дуже складних випадках вкладеності груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " "\"auto-detect\"." msgstr "" -"Якщо увімкнено цей параметр, SSSD використовуватиме можливість, якщо під час " -"початкового сеансу з’єднання виявить, що на сервері передбачено підтримку " -"можливості. Отже, насправді значення «True» означає «визначити автоматично»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" "windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> " "for more details." msgstr "" -"Зауваження: відомо, що у поточній версії цією можливістю можна скористатися " -"лише для Active Directory 2008 R1 та пізніших версій. Докладніше про це " -"можна дізнатися з <ulink url=\"http://msdn.microsoft.com/en-us/library/" -"windows/desktop/aa746475%28v=vs.85%29.aspx\">документації MSDN(TM)</ulink>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" -msgstr "ldap_initgroups_use_matching_rule_in_chain" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " "dealing with complex or deep nested groups)." msgstr "" -"За допомогою цього параметра можна наказати SSSD скористатися перевагами " -"специфічної для Active Directory можливості, яка може пришвидшити дії з " -"початковими групами (initgroups). Особливо помітним таке пришвидшення є у " -"системах зі складною системою груп або системою груп з високим рівнем " -"вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6301,168 +6480,168 @@ msgstr "" "Directory Server 2008 та новіших версій." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "Типове значення: True для AD і IPA, інакше False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "Клас об’єктів запису мережевої групи (netgroup) у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_object_class." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "Типове значення: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "Атрибут LDAP, що відповідає назві мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_name." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "Атрибут LDAP, у якому містяться імена учасників мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_member." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "Типове значення: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "Атрибут LDAP, що містить трійки мережевої групи (вузол, користувач, домен)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "Цим параметром не можна скористатися у надавачі даних IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "Типове значення: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "ldap_host_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "Клас об’єктів запису вузла у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "Типове значення: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "ldap_host_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "Атрибут LDAP, що відповідає назві вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "ldap_host_fqdn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "Атрибут LDAP, що відповідає повній назві вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "Типове значення: fqdn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "ldap_host_serverhostname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "Типове значення: serverHostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "ldap_host_member_of (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "Атрибут LDAP зі списком груп, у яких бере участь вузол." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -6472,47 +6651,47 @@ msgstr "" "налаштування декількох основ пошуку." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "ldap_host_ssh_public_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "Атрибут LDAP, який містить відкриті ключі SSH вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "ldap_host_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта вузла LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "Клас об’єктів запису служби у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "ldap_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -6520,48 +6699,48 @@ msgstr "" "Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "ldap_service_port (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "Атрибут LDAP, що містить номер порту, яким керує ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "Типове значення: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "Атрибут LDAP, що містить протоколи, за яким може працювати ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "Типове значення: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6572,7 +6751,7 @@ msgstr "" "автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6583,12 +6762,12 @@ msgstr "" "окремих типів пошуків." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6599,12 +6778,12 @@ msgstr "" "кешованих даних (і переходом до автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6621,12 +6800,12 @@ msgstr "" "citerefentry> повертається до стану бездіяльності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6640,12 +6819,12 @@ msgstr "" "розширеної операції зі зміни пароля та дії StartTLS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6659,17 +6838,17 @@ msgstr "" "дії TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "Типове значення: 900 (15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6679,17 +6858,17 @@ msgstr "" "один запит." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "Типове значення: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6700,7 +6879,7 @@ msgstr "" "RootDSE, але цю підтримку не увімкнено або вона не працює належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6710,7 +6889,7 @@ msgstr "" "підтримкою не можна скористатися." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6721,17 +6900,17 @@ msgstr "" "це може призвести до відмови у виконанні запитів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "Вимкнути отримання діапазону Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6747,12 +6926,12 @@ msgstr "" "буде представлено як такі, у яких немає учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6763,19 +6942,19 @@ msgstr "" "параметра визначається OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Типове значення: типове для системи значення (зазвичай, визначається у ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6787,7 +6966,7 @@ msgstr "" "виконуватиметься окремо." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -6795,7 +6974,7 @@ msgstr "" "(розіменуванням), якщо вкажете значення 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6808,7 +6987,7 @@ msgstr "" "OpenLDAP та Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6819,12 +6998,12 @@ msgstr "" "незалежно від використання цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6834,7 +7013,7 @@ msgstr "" "таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6843,7 +7022,7 @@ msgstr "" "жодних сертифікатів сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6855,7 +7034,7 @@ msgstr "" "режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6866,7 +7045,7 @@ msgstr "" "надано помилковий сертифікат, негайно перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6877,22 +7056,22 @@ msgstr "" "перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "Типове значення: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6901,7 +7080,7 @@ msgstr "" "розпізнаються <command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6910,12 +7089,12 @@ msgstr "" "у <filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6928,32 +7107,32 @@ msgstr "" "<command>cacertdir_rehash</command>, якщо ця програма є доступною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Визначає файл, який містить сертифікат для ключа клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "Визначає файл, у якому міститься ключ клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6965,12 +7144,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -6979,12 +7158,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> для захисту каналу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6996,19 +7175,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "У поточній версії у цій можливості передбачено підтримку лише встановлення " "відповідності objectSID у ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -7028,18 +7207,18 @@ msgstr "" "ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" "Типове значення: не встановлено (обидва параметри встановлено у значення 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -7048,12 +7227,12 @@ msgstr "" "перевірено і підтримується лише механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -7064,16 +7243,16 @@ msgid "" "host/*\n" " " msgstr "" +"hostname@REALM\n" +"netbiosname$@REALM\n" +"host/hostname@REALM\n" +"*$@REALM\n" +"host/*@REALM\n" +"host/*\n" +" " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 -#, fuzzy -#| msgid "" -#| "Specify the SASL authorization id to use. When GSSAPI is used, this " -#| "represents the Kerberos principal used for authentication to the " -#| "directory. This option can either contain the full principal (for " -#| "example host/myhost@EXAMPLE.COM) or just the principal name (for example " -#| "host/myhost)." +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -7083,25 +7262,27 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/> If none of them are found, " "the first principal in keytab is returned." msgstr "" -"Визначає ідентифікатор уповноваження SASL, який слід використовувати. Якщо " -"використано GSSAPI, відповідає реєстраційному запису Kerberos, який " -"використовується для розпізнавання під час доступу до каталогу. У цьому " -"параметрів можуть зберігатися або реєстраційні дані повністю (наприклад host/" -"myhost@EXAMPLE.COM) або лише назва реєстраційного запису (наприклад host/" -"myhost)." +"Визначає ідентифікатор уповноваження SASL, яким слід скористатися. Якщо " +"використовується GSSAPI, цим ідентифікатором є реєстраційні дані Kerberos, " +"які використовуються для розпізнавання при доступі до каталогу. Цей параметр " +"може містити або повні реєстраційні дані (наприклад host/myhost@EXAMPLE.COM) " +"або просто назву реєстраційного запису (наприклад host/myhost). Типово, " +"значення не встановлено і використовуються такі реєстраційні записи: " +"<placeholder type=\"programlisting\" id=\"0\"/> Якщо жоден з них не буде " +"знайдено, буде повернуто перший реєстраційний запис у таблиці ключів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -7113,17 +7294,17 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "Типове значення: значення krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -7133,34 +7314,34 @@ msgstr "" "SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "Типове значення: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -7171,27 +7352,27 @@ msgstr "" "механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Визначає строк дії (у секундах) TGT, якщо використовується GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -7210,7 +7391,7 @@ msgstr "" "про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7222,7 +7403,7 @@ msgstr "" "вдасться знайти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7233,29 +7414,29 @@ msgstr "" "варто перейти на використання «krb5_server» у файлах налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -7265,12 +7446,12 @@ msgstr "" "версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7285,7 +7466,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7296,12 +7477,12 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7310,7 +7491,7 @@ msgstr "" "використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7319,7 +7500,7 @@ msgstr "" "разі використання цього варіанта перевірку на боці сервера вимкнено не буде." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7330,7 +7511,7 @@ msgstr "" "manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7341,7 +7522,7 @@ msgstr "" "скористайтеся chpass_provider=krb5 для оновлення цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7351,18 +7532,18 @@ msgstr "" "встановленими за допомогою цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7371,7 +7552,7 @@ msgstr "" "з версією OpenLDAP 2.4.13 або новішою версією." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7385,28 +7566,28 @@ msgstr "" "«false» може значно пришвидшити роботу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Визначає назву служби, яку буде використано у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "Типове значення: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7415,17 +7596,17 @@ msgstr "" "уможливлює зміну паролів, у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7434,12 +7615,12 @@ msgstr "" "щодо кількості днів з часу виконання дії зі зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7468,12 +7649,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "Приклад:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7485,7 +7666,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7494,7 +7675,7 @@ msgstr "" "employeeType встановлено у значення «admin»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7508,17 +7689,17 @@ msgstr "" "таких прав не було надано, у автономному режимі їх також не буде надано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7527,7 +7708,7 @@ msgstr "" "керування доступом на боці клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7538,12 +7719,12 @@ msgstr "" "з відповідним кодом помилки, навіть якщо вказано правильний пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7552,7 +7733,7 @@ msgstr "" "визначити, чи завершено строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7565,7 +7746,7 @@ msgstr "" "Також буде перевірено, чи не вичерпано строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7576,7 +7757,7 @@ msgstr "" "ldap_ns_account_lock." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7589,7 +7770,7 @@ msgstr "" "атрибутів, надати доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7600,24 +7781,24 @@ msgstr "" "користуватися параметром ldap_account_expire_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " "списку:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7632,7 +7813,7 @@ msgstr "" "для працездатності цієї можливості слід встановити «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -7642,7 +7823,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7665,13 +7846,13 @@ msgstr "" "параметра слід встановити значення «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7686,7 +7867,7 @@ msgstr "" "наприклад на ключах SSH." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -7701,7 +7882,7 @@ msgstr "" "негайно змінити пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" @@ -7709,7 +7890,7 @@ msgstr "" "від SSSD не надходитиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." @@ -7719,7 +7900,7 @@ msgstr "" "параметра «ldap_pwd_policy» відповідні правила поводження із паролями." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7728,14 +7909,14 @@ msgstr "" "можливості доступу атрибут authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити " "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -7744,7 +7925,7 @@ msgstr "" "того, чи матиме віддалений вузол доступ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -7754,12 +7935,12 @@ msgstr "" "керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7768,12 +7949,12 @@ msgstr "" "використано декілька разів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7787,22 +7968,22 @@ msgstr "" "можна буде перевірити належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Приклад: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Типове значення: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7811,13 +7992,13 @@ msgstr "" "пошуку. Можливі такі варіанти:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7827,7 +8008,7 @@ msgstr "" "пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7836,7 +8017,7 @@ msgstr "" "під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7845,7 +8026,7 @@ msgstr "" "час пошуку, так і під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7854,12 +8035,12 @@ msgstr "" "сценарієм <emphasis>never</emphasis>)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7868,7 +8049,7 @@ msgstr "" "серверів, у яких використовується схема RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7886,7 +8067,7 @@ msgstr "" "користувачів за допомогою виклику getpw*() або initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7898,12 +8079,12 @@ msgstr "" "групами LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -7912,14 +8093,14 @@ msgstr "" "пошуку з використанням символів-замінників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "У поточній версії пошук із використанням символів-замінників передбачено " "лише для відповідача InfoPipe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "Типове значення: 1000 (часто розмір однієї сторінки)" @@ -7939,12 +8120,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7955,52 +8136,52 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "Клас об’єктів запису правила sudo у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "Типове значення: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "Атрибут LDAP, що відповідає назві правила sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "Атрибут LDAP, що відповідає назві команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "Типове значення: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -8009,17 +8190,17 @@ msgstr "" "вузла, мережевій групі вузла)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "Типове значення: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -8028,32 +8209,32 @@ msgstr "" "або назві мережевої групи користувача)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "Типове значення: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "Атрибут LDAP, що відповідає параметрам sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "Типове значення: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -8062,17 +8243,17 @@ msgstr "" "команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "Типове значення: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -8081,17 +8262,17 @@ msgstr "" "виконувати команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "Типове значення: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -8099,49 +8280,49 @@ msgstr "" "Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "Типове значення: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "Типове значення: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "Атрибут LDAP, що відповідає порядковому номеру правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "Типове значення: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -8151,7 +8332,7 @@ msgstr "" "набір правил, що зберігаються на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -8160,17 +8341,17 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "Типове значення: 21600 (6 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -8181,7 +8362,7 @@ msgstr "" "правил, USN яких перевищує найбільше значення USN у кешованих правилах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -8190,12 +8371,12 @@ msgstr "" "дані атрибута modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -8205,12 +8386,12 @@ msgstr "" "назв вузлів)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -8219,7 +8400,7 @@ msgstr "" "фільтрування списку правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -8228,8 +8409,8 @@ msgstr "" "назву вузла та повну назву комп’ютера у домені у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -8238,17 +8419,17 @@ msgstr "" "<emphasis>false</emphasis>, цей параметр ні на що не впливатиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "Типове значення: не вказано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -8257,7 +8438,7 @@ msgstr "" "правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -8266,12 +8447,12 @@ msgstr "" "адресу у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -8280,12 +8461,12 @@ msgstr "" "мережеву групу (netgroup) у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -8294,7 +8475,7 @@ msgstr "" "заміни у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -8307,12 +8488,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -8321,49 +8502,49 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "Назва основної карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "Типове значення: auto.master" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" "Типове значення: nisMap (rfc2307, autofs_provider=ad), у інших випадках " "automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "Назва запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" @@ -8371,12 +8552,12 @@ msgstr "" "automountMapName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." @@ -8385,19 +8566,19 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" "Типове значення: nisObject (rfc2307, autofs_provider=ad), у інших випадках " "automount" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -8406,19 +8587,19 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" "Типове значення: cn (rfc2307, autofs_provider=ad), у інших випадках " "automountKey" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" @@ -8427,7 +8608,7 @@ msgstr "" "automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -8440,32 +8621,32 @@ msgstr "" "\"variablelist\" id=\"4\"/> <placeholder type=\"variablelist\" id=\"5\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8478,22 +8659,22 @@ msgstr "" "груп показуються неправильно." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8506,14 +8687,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "ПРИКЛАД" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8524,7 +8705,7 @@ msgstr "" "<replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8544,20 +8725,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "ПРИКЛАД ФІЛЬТРА ДОСТУПУ LDAP" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -8566,7 +8747,7 @@ msgstr "" "чином і використано ldap_access_order=lockout." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8592,13 +8773,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -8622,6 +8803,21 @@ msgstr "модуль PAM для SSSD" #. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: pam_sss.8.xml:22 +#, fuzzy +#| msgid "" +#| "<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> " +#| "</arg> <arg choice='opt'> <replaceable>ignore_unknown_user</replaceable> " +#| "</arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>domains=X</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>allow_missing_name</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>prompt_always</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>try_cert_auth</" +#| "replaceable> </arg> <arg choice='opt'> <replaceable>require_cert_auth</" +#| "replaceable> </arg>" msgid "" "<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" "replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" @@ -8643,7 +8839,9 @@ msgstr "" "arg> <arg choice='opt'> <replaceable>ignore_authinfo_unavail</replaceable> </" "arg> <arg choice='opt'> <replaceable>domains=X</replaceable> </arg> <arg " "choice='opt'> <replaceable>allow_missing_name</replaceable> </arg> <arg " -"choice='opt'> <replaceable>prompt_always</replaceable> </arg>" +"choice='opt'> <replaceable>prompt_always</replaceable> </arg> <arg " +"choice='opt'> <replaceable>try_cert_auth</replaceable> </arg> <arg " +"choice='opt'> <replaceable>require_cert_auth</replaceable> </arg>" #. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:58 @@ -8937,49 +9135,142 @@ msgstr "Додаток локатора Kerberos" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" -msgstr "" -"Додаток пошуку Kerberos <command>sssd_krb5_locator_plugin</command> " -"використовується засобом обробки Kerberos <citerefentry> " -"<refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " -"для сповіщення бібліотек Kerberos яку область і KDC слід використовувати. " -"Типово, таке сповіщення виконується за допомогою <citerefentry> " +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." +msgstr "" +"Для пошуку KDC для вказаної області Kerberos libkrb5 використовує додаток " +"пошуку Kerberos <command>sssd_krb5_locator_plugin</command>. SSSD надає " +"такий додаток для спрямовування усіх клієнтів Kerberos у системі до єдиного " +"KDC. Загалом, немає значення, з яким KDC клієнт обмінюється даними. Втім, " +"бувають випадки, наприклад, після зміни пароля, коли не усі KDC перебувають " +"в одному стані, оскільки нові дані має бути спочатку відтворено на усіх " +"серверах. Щоб уникнути неочікуваних помилок під час розпізнавання або навіть " +"блокування облікових записів, варто примусово обмежувати обмін даними до " +"одного KDC якомога довше." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:34 +msgid "" +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " "<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>, файла, читання якого завжди виконується бібліотеками " -"Kerberos. Щоб спростити налаштування, область та KDC можна визначити у " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> у спосіб, описаний на сторінці довідки " -"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry>" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." +msgstr "" +"libkrb5 шукатиме додаток пошуку у підкаталозі libkrb5 каталогу додатків " +"Kerberos, див. plugin_base_dir у <citerefentry> <refentrytitle>krb5.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, щоб дізнатися " +"більше. Додаток можна вимкнути лише вилученням файла додатка. У " +"налаштуваннях Kerberos не передбачено пунктів для його вимикання. Втім, для " +"вимикання додатка для окремих команд можна скористатися змінною середовища " +"SSSD_KRB5_LOCATOR_DISABLE. Крім того, можна скористатися параметром SSSD " +"krb5_use_kdcinfo=False з метою заборони створення даних, які потрібні для " +"роботи додатка. Якщо визначити цю змінну, додаток викликатиметься, але не " +"надаватиме дані функції виклику, отже libkrb5 зможе повернутися до інших " +"методів, які визначено у krb5.conf." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +#, fuzzy +#| msgid "" +#| "The plugin reads the information about the KDCs of a given realm from a " +#| "file called <filename>kdcinfo.REALM</filename>. The file should contain " +#| "one or more IP addresses either in dotted-decimal IPv4 notation or the " +#| "hexadecimal IPv6 notation. An optional port number can be added to the " +#| "end separated with a colon, the IPv6 address has to be enclosed in " +#| "squared brackets in this case as usual. Valid entries are:" +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" +"Додаток читає дані щодо KDC вказаної області з файла із назвою " +"<filename>kdcinfo.REALM</filename>. Цей файл має містити одну або декілька " +"IP-адрес або у форматі чисел, які відокремлено крапками, IPv4, або у " +"шістнадцятковому форматі IPv6. Можна додати необов'язковий номер порту " +"наприкінці, відокремивши його від решти запису двокрапкою. У цьому випадку, " +"як завжди, адресу IPv6 слід взяти у квадратні дужки. Коректними вважаються " +"такі записи:" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "1.2.3.4" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "5.6.7.8:99" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "2001:db8:85a3::8a2e:370:7334" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "[2001:db8:85a3::8a2e:370:7334]:321" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:65 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." msgstr "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> зберігає область і назву або IP-адресу KDC у змінних " -"середовища SSSD_KRB5_REALM і SSSD_KRB5_KDC, відповідно. Якщо програма " -"<command>sssd_krb5_locator_plugin</command> викликається бібліотеками " -"kerberos, ця програма читає і визначає ці змінні і повертає їхні значення " -"бібліотекам." +"Надавач даних розпізнавання krb5 SSSD, який використовується також " +"надавачами даних IPA та AD, додає до цього файла адресу поточного KDC або " +"контролера домену, який використовує SSSD." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:63 +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" +"У середовищах із придатними лише для читання або для читання запису KDC, де, " +"як очікується, клієнти використовуватимуть придатні лише для читання " +"екземпляри для виконання загальних завдань і користуватиметься призначеними " +"для запису KDC лише для внесення змін до налаштувань, зокрема зміни паролів, " +"<filename>kpasswdinfo.REALM</filename> також використовується для визначення " +"придатних до читання і запису KDC. Якщо цей файл існує для вказаної області, " +"його вміст буде використано додатком для надання відповідей на запити щодо " +"сервера kpasswd або kadmin чи щодо певного основного KDC MIT Kerberos. Якщо " +"адреса містить номер порту, для останньої мети використовуватиметься типовий " +"порт KDC 88." + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -8991,7 +9282,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." @@ -9000,7 +9291,7 @@ msgstr "" "SSSD_KRB5_LOCATOR_DEBUG, діагностичні повідомлення надсилатимуться до stderr." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " @@ -9010,6 +9301,23 @@ msgstr "" "SSSD_KRB5_LOCATOR_DISABLE, додаток буде вимкнено і поверне функції виклику " "лише KRB5_PLUGIN_NO_HANDLE." +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +#, fuzzy +#| msgid "" +#| "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " +#| "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " +#| "caller." +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" +"Якщо встановлено будь-яке значення для змінної середовища " +"SSSD_KRB5_LOCATOR_DISABLE, додаток буде вимкнено і поверне функції виклику " +"лише KRB5_PLUGIN_NO_HANDLE." + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -9264,11 +9572,6 @@ msgstr "ПРІОРИТЕТНІСТЬ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:45 -#, fuzzy -#| msgid "" -#| "The rules are processed by priority while the number '0' (zero) " -#| "indicates the highest priority. The higher the number the lower is the " -#| "priority. A missing value indicates the lowest priority." msgid "" "The rules are processed by priority while the number '0' (zero) indicates " "the highest priority. The higher the number the lower is the priority. A " @@ -9278,7 +9581,8 @@ msgstr "" "Правила оброблятимуться за пріоритетністю, номер «0» (нуль) відповідає " "найвищому рівню пріоритетності. Чим більшим є значення, тим нижчою є " "пріоритетність. Якщо значення не вказано, пріоритетність вважається " -"найнижчою." +"найнижчою. Обробку правил буде зупинено, якщо вдасться знайти відповідність " +"правилу, подальші правила не оброблятимуться." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:52 @@ -10360,7 +10664,7 @@ msgstr "" "цього вузла. Назву вузла слід вказувати повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "dyndns_update (булеве значення)" @@ -10380,7 +10684,7 @@ msgstr "" "допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -10401,12 +10705,12 @@ msgstr "" "назву, <emphasis>dyndns_update</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -10433,12 +10737,12 @@ msgid "Default: 1200 (seconds)" msgstr "Типове значення: 1200 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "dyndns_iface (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10471,17 +10775,17 @@ msgstr "" "для з’єднання LDAP IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Приклад: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "dyndns_auth (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10492,7 +10796,7 @@ msgstr "" "можна надсилати встановленням для цього параметра значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "Типове значення: GSS-TSIG" @@ -10527,7 +10831,7 @@ msgstr "" "вважатимуться резервними серверами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (ціле число)" @@ -10544,12 +10848,12 @@ msgstr "" "є обов’язкоми, його застосовують, лише якщо dyndns_update має значення true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10573,12 +10877,12 @@ msgid "Default: False (disabled)" msgstr "Типове значення: False (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -10587,17 +10891,17 @@ msgstr "" "даними з сервером DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Типове значення: False (надати змогу nsupdate вибирати протокол)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "dyndns_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -10607,7 +10911,7 @@ msgstr "" "параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." @@ -10616,7 +10920,7 @@ msgstr "" "DNS відрізняється від сервера профілів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." @@ -10626,7 +10930,7 @@ msgstr "" "невдало." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "Типове значення: немає (надати nsupdate змогу вибирати сервер)" @@ -10754,12 +11058,12 @@ msgstr "" "перетворено у основний DN для виконання дій LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -10768,7 +11072,7 @@ msgstr "" "налаштувань Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -10777,7 +11081,7 @@ msgstr "" "значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -10802,7 +11106,7 @@ msgstr "" "щодо профілів станції." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "Типове значення: 5 (секунд)" @@ -11147,10 +11451,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:732 -#, fuzzy -#| msgid "TRUSTED DOMAIN SECTION" msgid "TRUSTED DOMAINS CONFIGURATION" -msgstr "РОЗДІЛ ДОВІРЕНИХ ДОМЕНІВ" +msgstr "НАЛАШТОВУВАННЯ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ipa.5.xml:738 @@ -11159,39 +11461,33 @@ msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" "ad_server = dc.ad.domain.com\n" msgstr "" +"[domain/ipa.domain.com/ad.domain.com]\n" +"ad_server = dc.ad.domain.com\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:734 -#, fuzzy -#| msgid "" -#| "These configuration options can be present in a domain configuration " -#| "section, that is, in a section called <quote>[domain/<replaceable>NAME</" -#| "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "Some configuration options can be also set for a trusted domain. A trusted " "domain configuration can either be done using a subsection, for example: " "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -"Ці параметри налаштування може бути вказано у розділі налаштування домену, " -"тобто у розділі з назвою <quote>[domain/<replaceable>НАЗВА</replaceable>]</" -"quote> <placeholder type=\"variablelist\" id=\"0\"/>" +"Для довіреного домену можна також встановити деякі параметри налаштовування. " +"Налаштовування довіреного домену можна виконати за допомогою підрозділу, " +"приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:743 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "In addition, some options can be set in the parent domain and inherited by " "the trusted domain using the <quote>subdomain_inherit</quote> option. For " "more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" -"З докладнішими відомостями щодо параметра «dns_discovery_domain» можна " -"ознайомитися на сторінці підручника (man) <citerefentry> <refentrytitle>sssd." -"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." +"Крім того, деякі параметри можна встановити у батьківському домені і " +"успадкувати для довіреного домену за допомогою параметра " +"<quote>subdomain_inherit</quote>. Щоб дізнатися більше, ознайомтеся зі " +"сторінкою підручника <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:753 @@ -11199,70 +11495,61 @@ msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" +"Перелік параметрів налаштовування для довіреного домену залежить від того, " +"як ви налаштували SSSD на сервері IPA або клієнт IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:758 msgid "OPTIONS TUNABLE ON IPA MASTERS" -msgstr "" +msgstr "ПАРАМЕТРИ, ЯКІ МОЖНА НАЛАШТУВАТИ НА ОСНОВНИХ СЕРВЕРАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:760 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" +"У розділі піддомену на основному сервері IPA можна вказати такі параметри:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:764 sssd-ipa.5.xml:794 -#, fuzzy -#| msgid "ad_server," msgid "ad_server" -msgstr "ad_server," +msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:767 -#, fuzzy -#| msgid "ad_backup_server," msgid "ad_backup_server" -msgstr "ad_backup_server," +msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:770 sssd-ipa.5.xml:797 -#, fuzzy -#| msgid "ad_site," msgid "ad_site" -msgstr "ad_site," +msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:773 -#, fuzzy -#| msgid "ldap_search_base," msgid "ldap_search_base" -msgstr "ldap_search_base," +msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:776 -#, fuzzy -#| msgid "ldap_user_search_base," msgid "ldap_user_search_base" -msgstr "ldap_user_search_base," +msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sssd-ipa.5.xml:779 -#, fuzzy -#| msgid "ldap_group_search_base," msgid "ldap_group_search_base" -msgstr "ldap_group_search_base," +msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd-ipa.5.xml:788 msgid "OPTIONS TUNABLE ON IPA CLIENTS" -msgstr "" +msgstr "ПАРАМЕТРИ, ЯКІ МОЖНА НАЛАШТУВАТИ НА КЛІЄНТАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:790 msgid "" "The following options can be set in a subdomain section on an IPA client:" -msgstr "" +msgstr "У розділі піддомену на клієнті IPA можна вказати такі параметри:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:802 @@ -11270,6 +11557,8 @@ msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" +"Зауважте, що якщо встановлено обидва параметри, буде враховано лише " +"<quote>ad_server</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd-ipa.5.xml:806 @@ -11284,6 +11573,15 @@ msgid "" "<manvolnum>8</manvolnum> </citerefentry> manual page for more details on the " "Kerberos locator plugin." msgstr "" +"Оскільки будь-який запит щодо ідентифікації користувача або групи від " +"довіреного домену, який започатковано клієнтом IPA, обробляється сервером " +"IPA, параметри <quote>ad_server</quote> і <quote>ad_site</quote> впливають " +"лише на те, який з DC AD виконуватиме процедуру розпізнавання. Зокрема, " +"адреси, які визначено за цими списками, буде записано до файлів " +"<quote>kdcinfo</quote>, читання яких виконуватиметься додатком пошуку " +"Kerberos. Будь ласка, зверніться до сторінки підручника щодо <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку Kerberos." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:830 @@ -11445,21 +11743,6 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:85 -#, fuzzy -#| msgid "" -#| "By default, the AD provider will map UID and GID values from the " -#| "objectSID parameter in Active Directory. For details on this, see the " -#| "<quote>ID MAPPING</quote> section below. If you want to disable ID " -#| "mapping and instead rely on POSIX attributes defined in Active Directory, " -#| "you should set <placeholder type=\"programlisting\" id=\"0\"/> If POSIX " -#| "attributes should be used, it is recommended for performance reasons that " -#| "the attributes are also replicated to the Global Catalog. If POSIX " -#| "attributes are replicated, SSSD will attempt to locate the domain of a " -#| "requested numerical ID with the help of the Global Catalog and only " -#| "search that domain. In contrast, if POSIX attributes are not replicated " -#| "to the Global Catalog, SSSD must search all the domains in the forest " -#| "sequentially. Please note that the <quote>cache_first</quote> option " -#| "might be also helpful in speeding up domainless searches." msgid "" "By default, the AD provider will map UID and GID values from the objectSID " "parameter in Active Directory. For details on this, see the <quote>ID " @@ -11490,7 +11773,9 @@ msgstr "" "навпаки, якщо реплікація атрибутів POSIX до загального каталогу не " "відбувається, SSSD доводиться шукати на усіх доменах у лісі послідовно. Будь " "ласка, зауважте, що для пришвидшення пошуку без доменів також може бути " -"корисним використання параметра <quote>cache_first</quote>." +"корисним використання параметра <quote>cache_first</quote>. Зауважте, що " +"якщо у загальному каталозі є лише підмножина атрибутів POSIX, у поточній " +"версії невідтворювані атрибути з порту LDAP не читатимуться." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-ad.5.xml:108 @@ -11944,11 +12229,42 @@ msgstr "Типове значення: enforcing" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 +msgid "ad_gpo_implicit_deny (boolean)" +msgstr "ad_gpo_implicit_deny (булеве значення)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:424 +msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" +"Зазвичай, якщо не буде знайдено відповідних GPO, користувачам буде надано " +"доступ. Якщо для цього параметра встановлено значення True, доступ " +"користувачам надаватиметься, лише якщо його явним чином дозволено правилом " +"GPO. Якщо ж такого дозвільного правила не буде виявлено, доступ буде " +"заборонено. Цим можна скористатися для підвищення рівня захисту, але слід " +"бути обережним із використанням цього параметра, оскільки за його допомогою " +"можна заборонити доступ навіть користувачам у вбудованій групі " +"Administrators, якщо немає правил GPO, якими надається такий доступ." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +#, fuzzy +#| msgid "Default: 5 (seconds)" +msgid "Default: False (seconds)" +msgstr "Типове значення: 5 (секунд)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 msgid "ad_gpo_cache_timeout (integer)" msgstr "ad_gpo_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:424 +#: sssd-ad.5.xml:445 msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " @@ -11959,12 +12275,12 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "ad_gpo_map_interactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -11975,7 +12291,7 @@ msgstr "" "InteractiveLogonRight і DenyInteractiveLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." @@ -11985,7 +12301,7 @@ msgstr "" "вхід» («Deny log on locally»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -11995,7 +12311,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12011,82 +12327,45 @@ msgstr "" "замінити типову назву служби PAM для цього входу (наприклад, «login») з " "нетиповою назвою служби pam (наприклад, «my_pam_service»), вам слід " "скористатися такими налаштуваннями: <placeholder type=\"programlisting\" id=" -"\"0\"/>" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" -"Типове значення: типовий набір назв служб PAM складається з таких значень:" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "login" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "su" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "su-l" +"\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "gdm-fingerprint" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "gdm-password" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "gdm-smartcard" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "kdm" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "lightdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "lxdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "sddm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "unity" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "xdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "ad_gpo_map_remote_interactive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -12097,7 +12376,7 @@ msgstr "" "DenyRemoteInteractiveLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -12109,7 +12388,7 @@ msgstr "" "служб віддаленої стільниці» («Deny log on through Remote Desktop Services»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -12119,7 +12398,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12138,22 +12417,22 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "sshd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "cockpit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "ad_gpo_map_network (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -12164,7 +12443,7 @@ msgstr "" "DenyNetworkLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -12176,7 +12455,7 @@ msgstr "" "мережі» (Deny access to this computer from the network»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -12186,7 +12465,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12205,22 +12484,22 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "ftp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "samba" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "ad_gpo_map_batch (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -12231,7 +12510,7 @@ msgstr "" "DenyBatchLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." @@ -12241,7 +12520,7 @@ msgstr "" "job») і «Заборонити вхід як пакетне завдання» («Deny log on as a batch job»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -12251,7 +12530,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12269,18 +12548,25 @@ msgstr "" "скористатися такими налаштуваннями: <placeholder type=\"programlisting\" id=" "\"0\"/>" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" +"Зауваження: назва служби cron у різних дистрибутивах Linux може бути різною." + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "crond" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "ad_gpo_map_service (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -12291,7 +12577,7 @@ msgstr "" "DenyServiceLogonRight." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." @@ -12301,7 +12587,7 @@ msgstr "" "«Заборонити вхід як службу» («Deny log on as a service»)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -12311,7 +12597,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -12328,12 +12614,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "ad_gpo_map_permit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." @@ -12342,7 +12628,7 @@ msgstr "" "основі GPO, незалежно від будь-яких прав входу GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -12352,7 +12638,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -12371,32 +12657,22 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "polkit-1" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "sudo" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "sudo-i" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "systemd-user" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "ad_gpo_map_deny (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." @@ -12405,7 +12681,7 @@ msgstr "" "на основі GPO, незалежно від будь-яких прав входу GPO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -12415,12 +12691,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "ad_gpo_default_right (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -12442,57 +12718,57 @@ msgstr "" "забороняла доступ для непов’язаних назв служб PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "Передбачені значення для цього параметра:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "remote_interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "network" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "batch" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "service" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "permit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "Типове значення: deny" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "ad_maximum_machine_account_password_age (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -12503,17 +12779,17 @@ msgstr "" "Значення 0 вимкне спроби оновлення." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "Типове значення: 30 днів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "ad_machine_account_password_renewal_opts (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -12528,12 +12804,12 @@ msgstr "" "— визначає початковий час очікування на перший запуск завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "Типове значення: 86400:750 (24 годин і 15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -12550,12 +12826,12 @@ msgstr "" "якщо цю адресу не було змінено за допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "Типове значення: 3600 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" @@ -12564,7 +12840,7 @@ msgstr "" "для з’єднання LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -12581,12 +12857,12 @@ msgstr "" "значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "Типове значення: True" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -12597,7 +12873,7 @@ msgstr "" "У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -12621,7 +12897,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -12633,7 +12909,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -12645,7 +12921,7 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -12660,7 +12936,7 @@ msgstr "" "шифрування) вручну." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -15889,7 +16165,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sss_ssh_authorizedkeys.1.xml:65 msgid "KEYS FROM CERTIFICATES" -msgstr "" +msgstr "КЛЮЧІ З СЕРТИФІКАТІВ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:67 @@ -15898,6 +16174,9 @@ msgid "" "<command>sss_ssh_authorizedkeys</command> can return public SSH keys derived " "from the public key of a X.509 certificate as well." msgstr "" +"Окрім відкрити ключів SSH для користувача <replaceable>КОРИСТУВАЧ</" +"replaceable>, <command>sss_ssh_authorizedkeys</command> може повертати ключі " +"SSH, які походять від відкритого ключа сертифіката X.509." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:73 @@ -15914,46 +16193,51 @@ msgid "" "certificate is valid SSSD will extract the public key from the certificate " "and convert it into the format expected by sshd." msgstr "" +"Щоб уможливити це, слід встановити для параметра " +"<quote>ssh_use_certificate_keys</quote> значення true (типове значення) у " +"розділі [ssh] файла <filename>sssd.conf</filename>. Якщо запис користувача " +"містить сертифікати (див <quote>ldap_user_certificate</quote> на сторінці " +"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>, щоб дізнатися більше) або існує сертифікат у " +"записі перевизначення для користувача (див. " +"<citerefentry><refentrytitle>sss_override</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> або <citerefentry><refentrytitle>sssd-ipa</" +"refentrytitle> <manvolnum>5</manvolnum></citerefentry>, щоб дізнатися " +"більше), а сертифікат є чинним, SSSD видобуде відкритий ключі з сертифіката " +"і перетворить його до формату, який може використовувати sshd." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:90 msgid "Besides <quote>ssh_use_certificate_keys</quote> the options" msgstr "" +"Окрім <quote>ssh_use_certificate_keys</quote>, може бути використано " +"параметри" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:92 msgid "ca_db" -msgstr "" +msgstr "ca_db" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:93 -#, fuzzy -#| msgid "p11_child_timeout (integer)" msgid "p11_child_timeout" -msgstr "p11_child_timeout (ціле число)" +msgstr "p11_child_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> #: sss_ssh_authorizedkeys.1.xml:94 -#, fuzzy -#| msgid "certificate_verification (string)" msgid "certificate_verification" -msgstr "certificate_verification (рядок)" +msgstr "certificate_verification" #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:96 -#, fuzzy -#| msgid "" -#| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " -#| "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -#| "manvolnum> </citerefentry> manual page for more details." msgid "" "can be used to control how the certificates are validated (see " "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum></citerefentry> for details)." msgstr "" -"З докладнішими відомостями щодо параметра «dns_discovery_domain» можна " -"ознайомитися на сторінці підручника (man) <citerefentry> <refentrytitle>sssd." -"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." +"для керування способом встановлення чинності сертифікатів (докладніше див. " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>)." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:101 @@ -15968,6 +16252,16 @@ msgid "" "already expired because neither <command>ssh</command> nor <command>sshd</" "command> will look at the certificate at all." msgstr "" +"Перевірка чинності є перевагою використання сертифікатів X.509 замість " +"ключів SSH безпосередньо, оскільки, наприклад, це поліпшує можливості " +"керування часом придатності ключів. Якщо клієнт ssh налаштовано не " +"використання закритих ключів з смарткартки за допомогою бібліотеки PKCS#11 " +"спільного використання (див. <citerefentry><refentrytitle>ssh</" +"refentrytitle> <manvolnum>1</manvolnum></citerefentry>, щоб дізнатися " +"більше), може дратувати те, що розпізнавання залишається працездатним, " +"навіть якщо пов'язаний із ним сертифікат X.509 на смарткартці вже втратив " +"чинність, оскільки ні <command>ssh</command>, ні <command>sshd</command> не " +"братимуть сертифікат до уваги взагалі." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss_ssh_authorizedkeys.1.xml:114 @@ -15977,6 +16271,10 @@ msgid "" "certificate validation if the <command>sshd</command> configuration permits " "this." msgstr "" +"Слід зауважити, що похідний відкритий ключ SSH все одно можна додати до " +"файла <filename>authorized_keys</filename> користувача, щоб обійти перевірку " +"чинності сертифіката, якщо налаштування <command>sshd</command> надають " +"змогу це робити." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_authorizedkeys.1.xml:132 @@ -16100,21 +16398,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "<option>-U</option>,<option>--users</option>" -msgid "<option>-k</option>,<option>--pubkeys</option>" -msgstr "<option>-U</option>,<option>--users</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" +msgstr "<option>-k</option>,<option>--pubkey</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 -#, fuzzy -#| msgid "" -#| "Search for host public keys in SSSD domain <replaceable>DOMAIN</" -#| "replaceable>." msgid "" "Print the host ssh public keys for host <replaceable>HOST</replaceable>." -msgstr "" -"Шукати відкриті ключі вузлів у домені SSSD <replaceable>ДОМЕН</replaceable>." +msgstr "Вивести відкриті ключі SSH для вузла <replaceable>HOST</replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: idmap_sss.8.xml:10 idmap_sss.8.xml:15 @@ -16164,7 +16455,18 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><programlisting> #: idmap_sss.8.xml:50 -#, no-wrap +#, fuzzy, no-wrap +#| msgid "" +#| "[global]\n" +#| "security = ads\n" +#| "workgroup = <AD-DOMAIN-SHORTNAME>\n" +#| "\n" +#| "idmap config <AD-DOMAIN-SHORTNAME> : backend = sss\n" +#| "idmap config <AD-DOMAIN-SHORTNAME> : range = 200000-2147483647\n" +#| "\n" +#| "idmap config * : backend = tdb\n" +#| "idmap config * : range = 100000-199999\n" +#| " " msgid "" "[global]\n" "security = domain\n" @@ -16175,11 +16477,14 @@ msgid "" " " msgstr "" "[global]\n" -"security = domain\n" -"workgroup = MAIN\n" +"security = ads\n" +"workgroup = <AD-DOMAIN-SHORTNAME>\n" "\n" -"idmap config * : backend = sss\n" -"idmap config * : range = 200000-2147483647\n" +"idmap config <AD-DOMAIN-SHORTNAME> : backend = sss\n" +"idmap config <AD-DOMAIN-SHORTNAME> : range = 200000-2147483647\n" +"\n" +"idmap config * : backend = tdb\n" +"idmap config * : range = 100000-199999\n" " " #. type: Content of: <reference><refentry><refnamediv><refname> @@ -16279,10 +16584,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:69 -#, fuzzy -#| msgid "pwfield (string)" msgid "passwd_files (string)" -msgstr "pwfield (рядок)" +msgstr "passwd_files (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:72 @@ -16291,20 +16594,20 @@ msgid "" "enumerated by the files provider, inotify monitor watches will be set on " "each file to detect changes dynamically." msgstr "" +"Список з однієї чи декількох відокремлених комами назв файлів паролів, які " +"слід прочитати і нумерувати засобу надання даних файлів. Для кожного " +"вказаного файла буде встановлено спостереження за допомогою inotify для " +"динамічного виявлення внесених до нього змін." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: /etc/pki/nssdb" msgid "Default: /etc/passwd" -msgstr "Типове значення: /etc/pki/nssdb" +msgstr "Типове значення: /etc/passwd" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 -#, fuzzy -#| msgid "groups (string)" msgid "group_files (string)" -msgstr "groups (рядок)" +msgstr "group_files (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:87 @@ -16313,23 +16616,24 @@ msgid "" "enumerated by the files provider, inotify monitor watches will be set on " "each file to detect changes dynamically." msgstr "" +"Список з однієї чи декількох відокремлених комами назв файлів груп, які слід " +"прочитати і нумерувати засобу надання даних файлів. Для кожного вказаного " +"файла буде встановлено спостереження за допомогою inotify для динамічного " +"виявлення внесених до нього змін." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: nisNetgroup" msgid "Default: /etc/group" -msgstr "Типове значення: nisNetgroup" +msgstr "Типове значення: /etc/group" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 #, fuzzy #| msgid "" -#| "The files provider has no specific options of its own, however, generic " -#| "SSSD domain options can be set where applicable. Refer to the section " -#| "<quote>DOMAIN SECTIONS</quote> of the <citerefentry> <refentrytitle>sssd." -#| "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page " -#| "for details on the configuration of an SSSD domain." +#| "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " +#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +#| "citerefentry> manual page for details on the configuration of an SSSD " +#| "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "In addition to the options listed below, generic SSSD domain options can be " "set where applicable. Refer to the section <quote>DOMAIN SECTIONS</quote> " @@ -16337,12 +16641,10 @@ msgid "" "manvolnum> </citerefentry> manual page for details on the configuration of " "an SSSD domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Засіб надання даних файлів не має власних специфічних параметрів. Втім, " -"можна використовувати загальні параметри доменів SSSD там, де це є доречним. " "Зверніться до розділу «РОЗДІЛИ ДОМЕНІВ» сторінки довідника (man) " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" "manvolnum> </citerefentry>, щоб дізнатися більше про налаштування домену " -"SSSD. " +"SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:105 @@ -17670,18 +17972,31 @@ msgstr "СХОВИЩЕ КЕШУ РЕЄСТРАЦІЙНИХ ДАНИХ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-kcm.8.xml:131 -#, no-wrap +#, fuzzy, no-wrap +#| msgid "" +#| "systemctl start sssd-kcm.socket\n" +#| "systemctl enable sssd-kcm.socket\n" +#| " " msgid "" "systemctl start sssd-secrets.socket\n" "systemctl enable sssd-secrets.socket\n" " " msgstr "" -"systemctl start sssd-secrets.socket\n" -"systemctl enable sssd-secrets.socket\n" +"systemctl start sssd-kcm.socket\n" +"systemctl enable sssd-kcm.socket\n" " " #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:124 +#, fuzzy +#| msgid "" +#| "Finally, make sure the SSSD KCM server can be contacted. The KCM service " +#| "is typically socket-activated by <citerefentry> <refentrytitle>systemd</" +#| "refentrytitle> <manvolnum>1</manvolnum> </citerefentry>. Unlike other " +#| "SSSD services, it cannot be started by adding the <quote>kcm</quote> " +#| "string to the <quote>service</quote> directive. <placeholder type=" +#| "\"programlisting\" id=\"0\"/> Please note your distribution may already " +#| "configure the units for you." msgid "" "The credential caches are stored in the SSSD secrets service (see " "<citerefentry> <refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</" @@ -17690,13 +18005,14 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/> Your distribution should " "already set the dependencies between the services." msgstr "" -"Кеші реєстраційних даних зберігаються у сховищі служби реєстраційних даних " -"SSSD (докладніший опис наведено на сторінці підручника <citerefentry> " -"<refentrytitle>sssd-secrets</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>). Тому важливо, щоб було увімкнено службу sssd-secrets, а її " -"сокет був доступним: <placeholder type=\"programlisting\" id=\"0\"/> " -"Відповідні залежності між цими службами вже мало бути встановлено засобами " -"вашого дистрибутива." +"Нарешті, переконайтеся, що з сервером KCM SSSD можна встановити зв'язок. " +"Типово, служба KCM вмикається за допомогою сокета з <citerefentry> " +"<refentrytitle>systemd</refentrytitle> <manvolnum>1</manvolnum> </" +"citerefentry>. На відміну від інших служб SSSD, її не можна запустити " +"додаванням рядка <quote>kcm</quote> до інструкції <quote>service</quote>. " +"<placeholder type=\"programlisting\" id=\"0\"/> Будь ласка, зауважте, що " +"відповідні налаштування модулів вже могло бути виконано засобами вашого " +"дистрибутива." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-kcm.8.xml:141 @@ -18464,13 +18780,6 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:100 -#, fuzzy -#| msgid "" -#| "For LDAP-based providers, the resolve operation is performed as part of " -#| "an LDAP connection operation. Thefore, also the <quote>ldap_opt_timeout></" -#| "quote> timeout should be set to a larger value than " -#| "<quote>dns_resolver_timeout</quote> which in turn should be set to a " -#| "larger value than <quote>dns_resolver_op_timeout</quote>." msgid "" "For LDAP-based providers, the resolve operation is performed as part of an " "LDAP connection operation. Therefore, also the <quote>ldap_opt_timeout></" @@ -19235,6 +19544,56 @@ msgstr "" #. type: Content of: <refsect1><para> #: include/seealso.xml:4 +#, fuzzy +#| msgid "" +#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sssd-files</" +#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <phrase condition=" +#| "\"with_sudo\"> <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " +#| "<manvolnum>5</manvolnum> </citerefentry>, </phrase> <phrase condition=" +#| "\"with_secrets\"> <citerefentry> <refentrytitle>sssd-secrets</" +#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, </phrase> " +#| "<citerefentry> <refentrytitle>sssd-session-recording</refentrytitle> " +#| "<manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_cache</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_debuglevel</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <phrase condition=" +#| "\"enable_local_provider\"> <citerefentry> <refentrytitle>sss_groupadd</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, </phrase> " +#| "<citerefentry> <refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_seed</" +#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</" +#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> " +#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> " +#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +#| "<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</" +#| "manvolnum> </citerefentry>, </phrase> <phrase condition=\"with_ifp\"> " +#| "<citerefentry> <refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</" +#| "manvolnum> </citerefentry>, </phrase> <citerefentry> " +#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </" +#| "citerefentry>. <citerefentry> <refentrytitle>sss_rpcidmapd</" +#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> <phrase condition=" +#| "\"with_stap\"> <citerefentry> <refentrytitle>sssd-systemtap</" +#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> </phrase>" msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" @@ -19292,15 +19651,17 @@ msgstr "" "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" -"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " -"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>, </phrase> <phrase condition=\"with_secrets\"> <citerefentry> " -"<refentrytitle>sssd-secrets</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>, </phrase> <citerefentry> <refentrytitle>sssd-session-" -"recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>, " -"<citerefentry> <refentrytitle>sss_cache</refentrytitle><manvolnum>8</" -"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_debuglevel</" +"citerefentry>, <citerefentry> <refentrytitle>sssd-files</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <phrase condition=" +"\"with_sudo\"> <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>, </phrase> <phrase condition=" +"\"with_secrets\"> <citerefentry> <refentrytitle>sssd-secrets</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry>, </phrase> <citerefentry> " +"<refentrytitle>sssd-session-recording</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sss_cache</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <phrase condition=\"enable_local_provider\"> <citerefentry> " "<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sss_groupdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " @@ -19311,7 +19672,7 @@ msgstr "" "citerefentry>, <citerefentry> <refentrytitle>sss_userdel</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> </" -"citerefentry>, <citerefentry> <refentrytitle>sss_obfuscate</" +"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_obfuscate</" "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " "<refentrytitle>sss_seed</refentrytitle><manvolnum>8</manvolnum> </" "citerefentry>, <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" @@ -19586,7 +19947,7 @@ msgstr "ldap_use_tokengroups = true" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:63 msgid "ldap_sasl_authid = sAMAccountName@REALM (typically SHORTNAME$@REALM)" -msgstr "" +msgstr "ldap_sasl_authid = sAMAccountName@ОБЛАСТЬ (типово SHORTNAME$@ОБЛАСТЬ)" #. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> #: include/ad_modified_defaults.xml:66 @@ -19599,6 +19960,39 @@ msgid "" "known host/hostname@REALM principal is a Service Principal and thus cannot " "be used to get a TGT with." msgstr "" +"Засіб надання даних AD типово шукає інші реєстраційні записи, ніж засіб " +"надання даних LDAP, оскільки у середовищі Active Directory реєстраційні " +"записи поділено на дві групи — реєстраційні записи користувачів і " +"реєстраційні записи служб. Для отримання TGT типово може бути використано " +"лише реєстраційний запис користувача, реєстраційні записи об'єктів " +"комп'ютерів будуються на основі sAMAccountName та області AD. Широко відомий " +"реєстраційний запис host/hostname@REALM є реєстраційним записом служби, отже " +"не може бути використаний для отримання TGT." + +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "Налаштування NSS" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "fallback_homedir = /home/%d/%u" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" +"Засіб надання даних AD автоматично встановлює «fallback_homedir = /home/%d/" +"%u» для надання особистих домашніх каталогів для записів користувачів без " +"атрибута homeDirectory. Якщо ваш домен AD належним чином заповнено щодо " +"атрибутів Posix і ви хочете уникнути такої резервної поведінки, ви можете " +"явним чином вказати «fallback_homedir = %o»." #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 @@ -19708,19 +20102,532 @@ msgid "ldap_group_external_member = ipaExternalMember" msgstr "ldap_group_external_member = ipaExternalMember" #~ msgid "" -#~ "PLEASE NOTE: the support for non-unique named subpatterns is not " -#~ "available on all platforms (e.g. RHEL5 and SLES10). Only platforms with " -#~ "libpcre version 7 or higher can support non-unique named subpatterns." +#~ "(OpenSSL version) This option is currently ignored. All needed " +#~ "certificates must be available in the PEM file given by pam_cert_db_path." +#~ msgstr "" +#~ "(Версія з OpenSSL) У поточній версії програма ігнорує цей параметр. Усі " +#~ "потрібні сертифікати мають бути у файлі PEM, який вказано параметром " +#~ "pam_cert_db_path." + +#~ msgid "crl_file=/PATH/TO/CRL/FILE" +#~ msgstr "crl_file=/ШЛЯХ/ДО/ФАЙЛА/CRL" + +#~ msgid "" +#~ "(NSS Version) This option is ignored, please see <citerefentry> " +#~ "<refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </" +#~ "citerefentry> how to import a Certificate Revocation List (CRL) into a " +#~ "NSS database." +#~ msgstr "" +#~ "(Версія з NSS) Цей параметр буде проігноровано, будь ласка, див. " +#~ "<citerefentry> <refentrytitle>crlutil</refentrytitle> <manvolnum>1</" +#~ "manvolnum> </citerefentry>, щоб дізнатися про те, як імпортувати список " +#~ "відкликання сертифікатів (CRL) до бази даних NSS." + +#~ msgid "" +#~ "(OpenSSL Version) Use the Certificate Revocation List (CRL) from the " +#~ "given file during the verification of the certificate. The CRL must be " +#~ "given in PEM format, see <citerefentry> <refentrytitle>crl</" +#~ "refentrytitle> <manvolnum>1ssl</manvolnum> </citerefentry> for details." +#~ msgstr "" +#~ "(Версія з OpenSSL) Використовувати список відкликання сертифікатів (CRL) " +#~ "з вказаного файла під час перевірки сертифіката. CRL має бути вказано у " +#~ "форматі PEM, див. <citerefentry> <refentrytitle>crl</refentrytitle> " +#~ "<manvolnum>1ssl</manvolnum> </citerefentry>, щоб дізнатися більше." + +#~ msgid "p11_wait_for_card_timeout (integer)" +#~ msgstr "p11_wait_for_card_timeout (ціле число)" + +#~ msgid "" +#~ "If Smartcard authentication is required how many extra seconds in " +#~ "addition to p11_child_timeout should the PAM responder wait until a " +#~ "Smartcard is inserted." +#~ msgstr "" +#~ "Якщо обов'язковим є розпізнавання за смарткарткою, кількість додаткових " +#~ "секунд, які буде додано до p11_child_timeout, протягом яких відповідача " +#~ "PAM має чекати на вставлення смарткартки." + +#~ msgid "p11_uri (string)" +#~ msgstr "p11_uri (рядок)" + +#~ msgid "" +#~ "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " +#~ "selection of devices used for Smartcard authentication. By default SSSD's " +#~ "p11_child will search for a PKCS#11 slot (reader) where the 'removable' " +#~ "flags is set and read the certificates from the inserted token from the " +#~ "first slot found. If multiple readers are connected p11_uri can be use to " +#~ "tell p11_child to use a specific reader." +#~ msgstr "" +#~ "Адреса PKCS#11 (докладніший опис можна знайти у RFC-7512), якою можна " +#~ "скористатися для обмеження переліку пристроїв, які використовуються для " +#~ "розпізнавання за допомогою смарткартки. Типово, p11_child зі складу SSSD " +#~ "виконуватиме пошук слоту PKCS#11 (зчитувача), для якого встановлено " +#~ "прапорці «removable» («портативний») і читатиме сертифікати із першого " +#~ "знайденого слоту вставленого ключа. Якщо з комп'ютером буде з'єднано " +#~ "декілька зчитувачів, можна скористатися p11_uri для повідомлення " +#~ "p11_child про те, що слід використовувати вказаний зчитувач." + +#~ msgid "" +#~ "p11_uri = slot-description=My%20Smartcar%20Reader\n" +#~ " " +#~ msgstr "" +#~ "p11_uri = slot-description=My%20Smartcar%20Reader\n" +#~ " " + +#~ msgid "" +#~ "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" +#~ " " +#~ msgstr "" +#~ "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" +#~ " " + +#~ msgid "" +#~ "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " +#~ "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " +#~ "debug output of p11_child. As an alternative the GnuTLS utility 'p11tool' " +#~ "with e.g. the '--list-all' will show PKCS#11 URIs as well." +#~ msgstr "" +#~ "Приклади: <placeholder type=\"programlisting\" id=\"0\"/> або " +#~ "<placeholder type=\"programlisting\" id=\"1\"/> Для визначення " +#~ "відповідної адреси, ознайомтеся із файлом діагностичних даних p11_child. " +#~ "Крім того, можна скористатися програмою GnuTLS p11tool, наприклад, із " +#~ "параметром --list-all, який покаже і адреси PKCS#11." + +#~ msgid "CERTIFICATE MAPPING SECTION" +#~ msgstr "РОЗДІЛ ПРИВ'ЯЗКИ СЕРТИФІКАТІВ" + +#~ msgid "" +#~ "To allow authentication with Smartcards and certificates SSSD must be " +#~ "able to map certificates to users. This can be done by adding the full " +#~ "certificate to the LDAP object of the user or to a local override. While " +#~ "using the full certificate is required to use the Smartcard " +#~ "authentication feature of SSH (see <citerefentry> " +#~ "<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</" +#~ "manvolnum> </citerefentry> for details) it might be cumbersome or not " +#~ "even possible to do this for the general case where local services use " +#~ "PAM for authentication." +#~ msgstr "" +#~ "Щоб уможливити розпізнавання за смарткартками та сертифікатами, SSSD " +#~ "повинна мати можливість пов'язувати сертифікати із записами користувачів. " +#~ "Забезпечити таку можливість можна додаванням повного сертифіката до " +#~ "об'єкта LDAP користувача або локальним перевизначенням. Хоча використання " +#~ "повного сертифіката є обов'язковим для використання можливості " +#~ "розпізнавання за смарткарткою у (див. <citerefentry> " +#~ "<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</" +#~ "manvolnum> </citerefentry>, щоб дізнатися більше), додавання таких " +#~ "сертифікатів може бути марудною або навіть неможливою справою для " +#~ "загального випадку, коли локальні служби використовують для розпізнавання " +#~ "PAM." + +#~ msgid "" +#~ "To make the mapping more flexible mapping and matching rules were added " +#~ "to SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " +#~ "<manvolnum>5</manvolnum> </citerefentry> for details)." +#~ msgstr "" +#~ "Для додавання гнучкості прив'язкам у SSSD додано правила прив'язки і " +#~ "встановлення відповідності (докладніше про це у розділі <citerefentry> " +#~ "<refentrytitle>sss-certmap</refentrytitle> <manvolnum>5</manvolnum> </" +#~ "citerefentry>)." + +#~ msgid "" +#~ "A mapping and matching rule can be added to the SSSD configuration in a " +#~ "section on its own with a name like <quote>[certmap/" +#~ "<replaceable>DOMAIN_NAME</replaceable>/<replaceable>RULE_NAME</" +#~ "replaceable>]</quote>. In this section the following options are allowed:" +#~ msgstr "" +#~ "Правила пов'язування та відповідності можна додати до налаштувань SSSD у " +#~ "окремий розділ із назвою, подібною до <quote>[certmap/" +#~ "<replaceable>НАЗВА_ДОМЕНУ</replaceable>/<replaceable>НАЗВА_ПРАВИЛА</" +#~ "replaceable>]</quote>. У цьому розділі можна використовувати такі " +#~ "параметри:" + +#~ msgid "matchrule (string)" +#~ msgstr "matchrule (рядок)" + +#~ msgid "" +#~ "Only certificates from the Smartcard which matches this rule will be " +#~ "processed, all others are ignored." +#~ msgstr "" +#~ "Буде виконано обробку лише тих сертифікатів зі смарткартки, які " +#~ "відповідають цьому правилу. Усі інші сертифікати буде проігноровано." + +#~ msgid "" +#~ "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have " +#~ "the Extended Key Usage <quote>clientAuth</quote>" +#~ msgstr "" +#~ "Типове значення: KRB5:<EKU>clientAuth, тобто лише сертифікати, у " +#~ "яких Extended Key Usage (розширене використання ключа) дорівнює " +#~ "<quote>clientAuth</quote>" + +#~ msgid "maprule (string)" +#~ msgstr "maprule (рядок)" + +#~ msgid "Defines how the user is found for a given certificate." +#~ msgstr "Визначає спосіб пошуку користувача для вказаного сертифіката." + +#~ msgid "" +#~ "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " +#~ "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." +#~ msgstr "" +#~ "LDAP:(userCertificate;binary={cert!bin}) для заснованих на LDAP " +#~ "надавачів даних, зокрема <quote>ldap</quote>, <quote>AD</quote> та " +#~ "<quote>ipa</quote>." + +#~ msgid "" +#~ "The RULE_NAME for the <quote>files</quote> provider which tries to find a " +#~ "user with the same name." +#~ msgstr "" +#~ "RULE_NAME для надавача даних <quote>files</quote>, який намагається " +#~ "знайти запис користувача і такою самою назвою." + +#~ msgid "domains (string)" +#~ msgstr "domains (рядок)" + +#~ msgid "" +#~ "Comma separated list of domain names the rule should be applied. By " +#~ "default a rule is only valid in the domain configured in sssd.conf. If " +#~ "the provider supports subdomains this option can be used to add the rule " +#~ "to subdomains as well." +#~ msgstr "" +#~ "Список відокремлених комами назв доменів, до яких слід застосовувати " +#~ "правило. Типово, правило стосуватиметься лише домену, який налаштовано у " +#~ "sssd.conf. Якщо для надавача даних передбачено підтримку піддоменів, цей " +#~ "параметр можна використати і для додавання правила до піддоменів." + +#~ msgid "Default: the configured domain in sssd.conf" +#~ msgstr "Типове значення: домен, який налаштовано у sssd.conf" + +#~ msgid "priority (integer)" +#~ msgstr "priority (ціле число)" + +#~ msgid "" +#~ "Unsigned integer value defining the priority of the rule. The higher the " +#~ "number the lower the priority. <quote>0</quote> stands for the highest " +#~ "priority while <quote>4294967295</quote> is the lowest." +#~ msgstr "" +#~ "Ціле невід'ємне значення, яке визначає пріоритетність правила. Чим " +#~ "більшим є значення, тим нижчою є пріоритетність. <quote>0</quote> — " +#~ "найвища пріоритетність, а <quote>4294967295</quote> — найнижча." + +#~ msgid "Default: the lowest priority" +#~ msgstr "Типове значення: найнижча пріоритетність" + +#~ msgid "" +#~ "To make the configuration simple and reduce the amount of configuration " +#~ "options the <quote>files</quote> provider has some special properties:" +#~ msgstr "" +#~ "Щоб спростити налаштовування із зменшити кількість параметрів " +#~ "налаштовування, у надавачі даних <quote>files</quote> передбачено " +#~ "декілька спеціальних властивостей:" + +#~ msgid "" +#~ "if maprule is not set the RULE_NAME name is assumed to be the name of the " +#~ "matching user" +#~ msgstr "" +#~ "якщо не встановлено maprule, припускається, що значенням RULE_NAME є " +#~ "назва відповідного облікового запису користувача" + +#~ msgid "" +#~ "if a maprule is used both a single user name or a template like " +#~ "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e." +#~ "g. <quote>(username)</quote> or <quote>({subject_rfc822_name." +#~ "short_name})</quote>" +#~ msgstr "" +#~ "якщо maprule використовує обидва, назву облікового запису окремого " +#~ "користувача або шаблон, подібний до <quote>{назва_об'єкта_rfc822." +#~ "коротка_назва}</quote>, слід брати у дужки, наприклад " +#~ "<quote>(користувач)</quote> або <quote>({назва_об'єкта_rfc822." +#~ "коротка_назва})</quote>" + +#~ msgid "the <quote>domains</quote> option is ignored" +#~ msgstr "параметр <quote>domains</quote> буде проігноровано" + +#~ msgid "" +#~ "[certmap/my.domain/rule_name]\n" +#~ "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$\n" +#~ "maprule = (userCertificate;binary={cert!bin})\n" +#~ "domains = my.domain, your.domain\n" +#~ "priority = 10\n" +#~ "\n" +#~ "[certmap/files/myname]\n" +#~ "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" +#~ msgstr "" +#~ "[certmap/my.domain/rule_name]\n" +#~ "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$\n" +#~ "maprule = (userCertificate;binary={cert!bin})\n" +#~ "domains = my.domain, your.domain\n" +#~ "priority = 10\n" +#~ "\n" +#~ "[certmap/files/myname]\n" +#~ "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" + +#~ msgid "" +#~ "3. The following example shows the configuration for two certificate " +#~ "mapping rules. The first is valid for the configured domain <quote>my." +#~ "domain</quote> and additionally for the subdomains <quote>your.domain</" +#~ "quote> and uses the full certificate in the search filter. The second " +#~ "example is valid for the domain <quote>files</quote> where it is assumed " +#~ "the files provider is used for this domain and contains a matching rule " +#~ "for the local user <quote>myname</quote>. <placeholder type=" +#~ "\"programlisting\" id=\"0\"/>" +#~ msgstr "" +#~ "3. У наведеному нижче прикладі показано налаштування для двох правил " +#~ "пов'язування сертифікатів. Перше є чинним для налаштованого домену " +#~ "<quote>my.domain</quote> і, додатково, для піддоменів <quote>your.domain</" +#~ "quote> і використовує повний сертифікат у фільтрі пошуку. Другий приклад " +#~ "є чинним для домену <quote>files</quote>, де припускається, що для цього " +#~ "домену використовується засіб надання даних файлів, і містить правило " +#~ "відповідності для локального користувача <quote>myname</quote>. " +#~ "<placeholder type=\"programlisting\" id=\"0\"/>" + +#~ msgid "" +#~ "Using wildcard is an operation that is very costly to evaluate on the " +#~ "LDAP server side!" +#~ msgstr "" +#~ "Використання символів-замінників є дуже обчислювально вартісною операцією " +#~ "для сервера LDAP!" + +#~ msgid "<option>try_cert_auth</option>" +#~ msgstr "<option>try_cert_auth</option>" + +#~ msgid "" +#~ "Try to use certificate based authentication, i.e. authentication with a " +#~ "Smartcard or similar devices. If a Smartcard is available and the service " +#~ "is allowed for Smartcard authentication the use will be prompted for a " +#~ "PIN and the certificate based authentication will continue" +#~ msgstr "" +#~ "Спробувати скористатися розпізнаванням на основі сертифікатів, тобто " +#~ "розпізнаванням за допомогою смарткартки або подібного пристрою. Якщо " +#~ "доступною є смарткартка і уможливлено розпізнавання за смарткарткою для " +#~ "служби, система надішле запит щодо пін-коду і буде продовжено процедуру " +#~ "розпізнавання за сертифікатом." + +#~ msgid "" +#~ "If no Smartcard is available or certificate based authentication is not " +#~ "allowed for the current service PAM_AUTHINFO_UNAVAIL is returned." +#~ msgstr "" +#~ "Якщо смарткартка виявиться недоступною або розпізнавання за сертифікатом " +#~ "буде заборонено для поточної служби, буде повернуто PAM_AUTHINFO_UNAVAIL." + +#~ msgid "<option>require_cert_auth</option>" +#~ msgstr "<option>require_cert_auth</option>" + +#~ msgid "" +#~ "Do certificate based authentication, i.e. authentication with a " +#~ "Smartcard or similar devices. If a Smartcard is not available the user " +#~ "will be prompted to insert one. SSSD will wait for a Smartcard until the " +#~ "timeout defined by p11_wait_for_card_timeout passed, please see " +#~ "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +#~ "manvolnum></citerefentry> for details." +#~ msgstr "" +#~ "Виконати розпізнавання на основі сертифікатів, тобто розпізнавання за " +#~ "допомогою смарткартки або подібного пристрою. Якщо смарткартка виявиться " +#~ "недоступною, система попросить користувача вставити її. SSSD чекатиме на " +#~ "смарткартку, аж доки не завершиться час очікування, визначений переданим " +#~ "значенням p11_wait_for_card_timeout. Див. " +#~ "<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +#~ "manvolnum></citerefentry>, щоб дізнатися більше." + +#~ msgid "" +#~ "If no Smartcard is available after the timeout or certificate based " +#~ "authentication is not allowed for the current service " +#~ "PAM_AUTHINFO_UNAVAIL is returned." +#~ msgstr "" +#~ "Якщо смарткартка виявиться недоступною на момент завершення часу " +#~ "очікування або розпізнавання за сертифікатом буде заборонено для поточної " +#~ "служби, буде повернуто PAM_AUTHINFO_UNAVAIL." + +#~ msgid "dyndns_update_per_family (boolean)" +#~ msgstr "dyndns_update_per_family (булеве значення)" + +#~ msgid "" +#~ "DNS update is by default performed in two steps - IPv4 update and then " +#~ "IPv6 update. In some cases it might be desirable to perform IPv4 and IPv6 " +#~ "update in single step." +#~ msgstr "" +#~ "Оновлення DNS, типово, виконується у два кроки — оновлення IPv4, а потім " +#~ "оновлення IPv6. Іноді бажаним є виконання оновлення IPv4 і IPv6 за один " +#~ "крок." + +#~ msgid "<option>-g</option>,<option>--genconf</option>" +#~ msgstr "<option>-g</option>,<option>--genconf</option>" + +#~ msgid "" +#~ "Do not start the SSSD, but refresh the configuration database from the " +#~ "contents of <filename>/etc/sssd/sssd.conf</filename> and exit." +#~ msgstr "" +#~ "Не запускати SSSD, а лише оновити базу даних налаштувань на основі вмісту " +#~ "<filename>/etc/sssd/sssd.conf</filename> і завершити роботу." + +#~ msgid "<option>-s</option>,<option>--genconf-section</option>" +#~ msgstr "<option>-s</option>,<option>--genconf-section</option>" + +#~ msgid "" +#~ "Similar to <quote>--genconf</quote>, but only refresh a single section " +#~ "from the configuration file. This option is useful mainly to be called " +#~ "from systemd unit files to allow socket-activated responders to refresh " +#~ "their configuration without requiring the administrator to restart the " +#~ "whole SSSD." +#~ msgstr "" +#~ "Подібний до <quote>--genconf</quote>, але наказує програмі освіжити лише " +#~ "окремий розділу на основі файла налаштувань. Цей параметр корисний, в " +#~ "основному, для виклику з файлів модулів systemd з метою дозволити " +#~ "відповідачам, які активуються з сокетів, освіжати налаштування без " +#~ "потреби у перезапуску адміністратором усього SSSD." + +#~ msgid "" +#~ "Please replace <AD-DOMAIN-SHORTNAME> with the NetBIOS domain name " +#~ "of the AD domain. If multiple AD domains should be used each domain needs " +#~ "an <literal>idmap config</literal> line with <literal>backend = sss</" +#~ "literal> and a line with a suitable <literal>range</literal>." +#~ msgstr "" +#~ "Будь ласка, замініть <AD-DOMAIN-SHORTNAME> на назву домену у " +#~ "NetBIOS домену AD. Якщо має бути використано декілька доменів AD, для " +#~ "кожного домену потрібен рядок <literal>idmap config</literal> із " +#~ "<literal>backend = sss</literal> і рядок із відповідним <literal>range</" +#~ "literal>." + +#~ msgid "" +#~ "Since Winbind requires a writeable default backend and idmap_sss is read-" +#~ "only the example includes <literal>backend = tdb</literal> as default." +#~ msgstr "" +#~ "Оскільки для Winbind потрібен придатний до запису типовий модуль, а " +#~ "idmap_sss є придатним лише для читання, до прикладу включено як типовий " +#~ "модуль <literal>backend = tdb</literal>." + +#~ msgid "" +#~ "Another reason is to provide efficient caching of local users and groups." +#~ msgstr "" +#~ "Іншою причиною може бути потреба у забезпеченні ефективного кешування " +#~ "даних локальних користувачів і груп." + +#~ msgid "" +#~ "Please note that some distributions enable the files domain " +#~ "automatically, prepending the domain before any explicitly configured " +#~ "domains. See enable_files_domain in <citerefentry> <refentrytitle>sssd." +#~ "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." +#~ msgstr "" +#~ "Будь ласка, зауважте, що у деяких дистрибутивах домен files увімкнено " +#~ "автоматично, оскільки цей домен додано до будь-якого із явно визначених " +#~ "доменів. Див. enable_files_domain у <citerefentry> <refentrytitle>sssd." +#~ "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." + +#~ msgid "" +#~ "SSSD never handles resolution of user/group \"root\". Also resolution of " +#~ "UID/GID 0 is not handled by SSSD. Such requests are passed to next NSS " +#~ "module (usually files)." +#~ msgstr "" +#~ "SSSD ніколи не виконує визначення для користувача або групи «root». Крім " +#~ "того, SSSD не обробляє запити щодо визначення UID/GID 0. Такі запити " +#~ "передаються наступному модулю NSS (зазвичай, files)." + +#~ msgid "" +#~ "When SSSD is not running or responding, nss_sss returns the UNAVAIL code " +#~ "which causes the request to be passed to the next module." +#~ msgstr "" +#~ "Якщо SSSD не запущено або програма не відповідає, nss_sss повертає код " +#~ "UNAVAIL, що спричиняє передавання запиту наступному модулю." + +#~ msgid "" +#~ "In addition to the options listed below, generic SSSD domain options can " +#~ "be set where applicable. Refer to the section <quote>DOMAIN SECTIONS</" +#~ "quote> of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +#~ "<manvolnum>5</manvolnum> </citerefentry> manual page for details on the " +#~ "configuration of an SSSD domain. But the purpose of the files provider is " +#~ "to expose the same data as the UNIX files, just through the SSSD " +#~ "interfaces. Therefore not all generic domain options are supported. " +#~ "Likewise, some global options, such as overriding the shell in the " +#~ "<quote>nss</quote> section for all domains has no effect on the files " +#~ "domain unless explicitly specified per-domain. <placeholder type=" +#~ "\"variablelist\" id=\"0\"/>" +#~ msgstr "" +#~ "Окрім параметрів із наведеного нижче списку, можна встановлювати, де це є " +#~ "відповідним, загальні параметри домену SSSD. Зверніться до розділу " +#~ "<quote>РОЗДІЛИ ДОМЕНІВ</quote> сторінки підручника <citerefentry> " +#~ "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +#~ "citerefentry>, щоб дізнатися більше про налаштовування домені SSSD. Втім, " +#~ "призначенням надавача даних files є надання тих самих даних, які " +#~ "встановлюються для файлів UNIX, просто за допомогою інтерфейсів SSSD. " +#~ "Тому передбачено підтримку не усіх загальних параметрів доменів. Так " +#~ "само, деякі загальні параметри, зокрема перевизначення командної оболонки " +#~ "у розділі <quote>nss</quote> для усіх доменів, ні на що не впливають у " +#~ "домені files, якщо їх не вказано явним чином для окремих доменів. " +#~ "<placeholder type=\"variablelist\" id=\"0\"/>" + +#~ msgid "" +#~ "To leverage caching of local users and groups by SSSD nss_sss module must " +#~ "be listed before nss_files module in /etc/nsswitch.conf." +#~ msgstr "" +#~ "Для балансування кешування даних локальних користувачів та груп у SSSD " +#~ "модуль nss_sss має перебувати у списку файла /etc/nsswitch.conf вище за " +#~ "модуль nss_files." + +#~ msgid "" +#~ "passwd: sss files\n" +#~ "group: sss files\n" +#~ msgstr "" +#~ "passwd: sss files\n" +#~ "group: sss files\n" + +#~ msgid "" +#~ "The credential caches are stored in a database, much like SSSD caches " +#~ "user or group entries. The database is typically located at <quote>/var/" +#~ "lib/sss/secrets</quote>." +#~ msgstr "" +#~ "Кеші реєстраційних даних зберігаються у базі даних, дуже подібно до кешів " +#~ "записів користувачів і груп SSSD. Типово, база даних зберігається у " +#~ "<quote>/var/lib/sss/secrets</quote>." + +#~ msgid "OBTAINING DEBUG LOGS" +#~ msgstr "ОТРИМАННЯ ДІАГНОСТИЧНОГО ЖУРНАЛУ" + +#~ msgid "" +#~ "[kcm]\n" +#~ "debug_level = 10\n" +#~ " " +#~ msgstr "" +#~ "[kcm]\n" +#~ "debug_level = 10\n" +#~ " " + +#~ msgid "" +#~ "systemctl restart sssd-kcm.service\n" +#~ " " +#~ msgstr "" +#~ "systemctl restart sssd-kcm.service\n" +#~ " " + +#~ msgid "" +#~ "The sssd-kcm service is typically socket-activated <citerefentry> " +#~ "<refentrytitle>systemd</refentrytitle> <manvolnum>1</manvolnum> </" +#~ "citerefentry>. To generate debug logs, add the following either to the " +#~ "<filename>/etc/sssd/sssd.conf</filename> file directly or as a " +#~ "configuration snippet to <filename>/etc/sssd/conf.d/</filename> " +#~ "directory: <placeholder type=\"programlisting\" id=\"0\"/> Then, restart " +#~ "the sssd-kcm service: <placeholder type=\"programlisting\" id=\"1\"/> " +#~ "Finally, run whatever use-case doesn't work for you. The KCM logs will be " +#~ "generated at <filename>/var/log/sssd/sssd_kcm.log</filename>. It is " +#~ "recommended to disable the debug logs when you no longer need the " +#~ "debugging to be enabled as the sssd-kcm service can generate quite a " +#~ "large amount of debugging information." #~ msgstr "" -#~ "Будь ласка, зауважте: підтримку неунікальних назв підшаблонів передбачено " -#~ "не для всіх платформ (наприклад, нею не можна скористатися у RHEL5 і " -#~ "SLES10). Підтримкою неунікальних назв підшаблонів можна скористатися лише " -#~ "на платформах з версією libpcre 7." +#~ "Типово, служба sssd-kcm активує крізь сокет <citerefentry> " +#~ "<refentrytitle>systemd</refentrytitle> <manvolnum>1</manvolnum> </" +#~ "citerefentry>. Для створення діагностичних журналів додайте вказані нижче " +#~ "рядки або безпосередньо до файла <filename>/etc/sssd/sssd.conf</" +#~ "filename>, або як фрагмент налаштувань до каталогу <filename>/etc/sssd/" +#~ "conf.d/</filename>: <placeholder type=\"programlisting\" id=\"0\"/> Далі, " +#~ "перезапустіть службу sssd-kcm: <placeholder type=\"programlisting\" id=" +#~ "\"1\"/> Нарешті, виконайте дії, які не призводять до бажаних для вас " +#~ "наслідків. Журнал KCM буде записано до <filename>/var/log/sssd/sssd_kcm." +#~ "log</filename>. Рекомендуємо вимкнути ведення діагностичного журналу, " +#~ "якщо вам не потрібні діагностичні дані, оскільки служба sssd-kcm може " +#~ "породжувати доволі великий обсяг діагностичних даних." #~ msgid "" -#~ "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " -#~ "(?P<name>) to label subpatterns." +#~ "Please note that configuration snippets are, at the moment, only " +#~ "processed if the main configuration file at <filename>/etc/sssd/sssd." +#~ "conf</filename> exists at all." #~ msgstr "" -#~ "Додаткове зауваження: у застарілих версіях libpcre передбачено підтримку " -#~ "лише синтаксичних конструкцій Python (?P<name>) для позначення " -#~ "підшаблонів." +#~ "Будь ласка, зауважте, що у поточній версії фрагменти налаштувань буде " +#~ "оброблено, лише якщо взагалі існує основний файл налаштувань <filename>/" +#~ "etc/sssd/sssd.conf</filename>." diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po index a9cbd8e3778..07d077010ac 100644 --- a/src/man/po/zh_CN.po +++ b/src/man/po/zh_CN.po @@ -6,9 +6,9 @@ # Christopher Meng <cickumqt@gmail.com>, 2012 msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.16.1\n" +"Project-Id-Version: sssd-docs 2.0.99\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2018-08-12 13:01+0000\n" +"POT-Creation-Date: 2019-03-20 22:06+0100\n" "PO-Revision-Date: 2014-12-15 12:16+0000\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -18,7 +18,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" -"X-Generator: Zanata 4.4.5\n" +"X-Generator: Zanata 4.6.2\n" #. type: Content of: <reference><title> #: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 @@ -299,11 +299,11 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:839 -#: sssd.conf.5.xml:1491 sssd.conf.5.xml:1521 sssd-ldap.5.xml:1851 -#: sssd-ldap.5.xml:1948 sssd-ldap.5.xml:2010 sssd-ldap.5.xml:2576 -#: sssd-ldap.5.xml:2641 sssd-ldap.5.xml:2659 sssd-ad.5.xml:227 -#: sssd-ad.5.xml:341 sssd-ad.5.xml:885 sssd-krb5.5.xml:499 +#: sssd.conf.5.xml:133 sssd.conf.5.xml:543 sssd.conf.5.xml:840 +#: sssd.conf.5.xml:1566 sssd.conf.5.xml:1596 sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1986 sssd-ldap.5.xml:2048 sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2679 sssd-ldap.5.xml:2697 sssd-ad.5.xml:227 +#: sssd-ad.5.xml:341 sssd-ad.5.xml:907 sssd-krb5.5.xml:499 #: sssd-secrets.5.xml:351 sssd-secrets.5.xml:364 msgid "Default: true" msgstr "" @@ -322,16 +322,16 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:146 sssd.conf.5.xml:540 sssd.conf.5.xml:722 -#: sssd.conf.5.xml:1424 sssd.conf.5.xml:2980 sssd-ldap.5.xml:708 -#: sssd-ldap.5.xml:1714 sssd-ldap.5.xml:1733 sssd-ldap.5.xml:1920 -#: sssd-ldap.5.xml:2346 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 +#: sssd.conf.5.xml:1499 sssd.conf.5.xml:3106 sssd-ldap.5.xml:746 +#: sssd-ldap.5.xml:1752 sssd-ldap.5.xml:1771 sssd-ldap.5.xml:1958 +#: sssd-ldap.5.xml:2384 sssd-ipa.5.xml:151 sssd-ipa.5.xml:238 #: sssd-ipa.5.xml:559 sssd-krb5.5.xml:266 sssd-krb5.5.xml:300 #: sssd-krb5.5.xml:471 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2384 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:157 sssd-ldap.5.xml:2422 #: sssd-systemtap.5.xml:82 sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:210 #: sssd-systemtap.5.xml:248 sssd-systemtap.5.xml:304 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -356,8 +356,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:169 sssd.conf.5.xml:1376 sssd.conf.5.xml:2996 -#: sssd-ldap.5.xml:1585 include/ldap_id_mapping.xml:264 +#: sssd.conf.5.xml:169 sssd.conf.5.xml:1377 sssd.conf.5.xml:3122 +#: sssd-ldap.5.xml:1623 include/ldap_id_mapping.xml:264 msgid "Default: 10" msgstr "" @@ -372,7 +372,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:191 sssd.conf.5.xml:3085 +#: sssd.conf.5.xml:191 sssd.conf.5.xml:3211 msgid "Section parameters" msgstr "" @@ -452,7 +452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:259 sssd.conf.5.xml:2597 +#: sssd.conf.5.xml:259 sssd.conf.5.xml:2672 msgid "re_expression (string)" msgstr "" @@ -472,12 +472,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:276 sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:276 sssd.conf.5.xml:2720 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:279 sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:279 sssd.conf.5.xml:2723 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -485,39 +485,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:290 sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:290 sssd.conf.5.xml:2734 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:291 sssd.conf.5.xml:2660 +#: sssd.conf.5.xml:291 sssd.conf.5.xml:2735 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:294 sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:2738 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:297 sssd.conf.5.xml:2666 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:2741 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:2672 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:2747 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:306 sssd.conf.5.xml:2675 +#: sssd.conf.5.xml:306 sssd.conf.5.xml:2750 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:2656 +#: sssd.conf.5.xml:287 sssd.conf.5.xml:2731 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -641,9 +641,9 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:418 sssd.conf.5.xml:1165 sssd-ldap.5.xml:679 -#: sssd-ldap.5.xml:1319 sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1685 -#: sssd-ldap.5.xml:1767 sssd-ad.5.xml:690 sssd-ad.5.xml:765 sssd.8.xml:126 +#: sssd.conf.5.xml:418 sssd.conf.5.xml:1166 sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1711 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1805 sssd-ad.5.xml:712 sssd-ad.5.xml:787 sssd.8.xml:126 #: sssd-krb5.5.xml:410 sssd-krb5.5.xml:556 sssd-secrets.5.xml:339 #: sssd-secrets.5.xml:377 sssd-secrets.5.xml:390 sssd-secrets.5.xml:404 #: sssd-secrets.5.xml:415 include/ldap_id_mapping.xml:205 @@ -835,7 +835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:588 sssd.conf.5.xml:1388 sssd.conf.5.xml:3046 +#: sssd.conf.5.xml:588 sssd.conf.5.xml:1389 sssd.conf.5.xml:3172 #: sssd-ad.5.xml:164 sssd-ad.5.xml:302 sssd-ad.5.xml:316 msgid "Default: Not set" msgstr "" @@ -911,8 +911,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:970 -#: sssd.conf.5.xml:1231 sssd-ldap.5.xml:1412 +#: sssd.conf.5.xml:656 sssd.conf.5.xml:688 sssd.conf.5.xml:971 +#: sssd.conf.5.xml:1232 sssd-ldap.5.xml:1450 msgid "Default: 60" msgstr "" @@ -972,8 +972,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:710 sssd.conf.5.xml:983 sssd.conf.5.xml:1616 -#: sssd-ldap.5.xml:722 +#: sssd.conf.5.xml:710 sssd.conf.5.xml:984 sssd.conf.5.xml:1691 +#: sssd-ldap.5.xml:760 msgid "Default: 300" msgstr "" @@ -1050,7 +1050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:776 sssd.conf.5.xml:1520 msgid "Default: 50" msgstr "" @@ -1068,7 +1068,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:790 sssd.conf.5.xml:1544 msgid "Default: 15" msgstr "" @@ -1101,11 +1101,11 @@ msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " "also be set per-domain or include fully-qualified names to filter only users " -"from the particular domain." +"from the particular domain or by a user principal name (UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:820 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1114,41 +1114,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:827 +#: sssd.conf.5.xml:828 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:833 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:836 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:846 +#: sssd.conf.5.xml:847 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:850 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:854 +#: sssd.conf.5.xml:855 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:861 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1156,23 +1156,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:858 sssd.conf.5.xml:1298 sssd.conf.5.xml:1317 +#: sssd.conf.5.xml:859 sssd.conf.5.xml:1299 sssd.conf.5.xml:1318 #: sssd-krb5.5.xml:539 include/override_homedir.xml:59 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:870 +#: sssd.conf.5.xml:871 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:873 +#: sssd.conf.5.xml:874 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1180,47 +1180,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#: sssd.conf.5.xml:880 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:889 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:900 +#: sssd.conf.5.xml:901 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:905 +#: sssd.conf.5.xml:906 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 +#: sssd.conf.5.xml:909 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1228,112 +1228,112 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:915 +#: sssd.conf.5.xml:916 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#: sssd.conf.5.xml:919 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:922 +#: sssd.conf.5.xml:923 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:927 +#: sssd.conf.5.xml:928 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:931 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:935 +#: sssd.conf.5.xml:936 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:939 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:942 +#: sssd.conf.5.xml:943 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:951 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:956 +#: sssd.conf.5.xml:957 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:963 sssd.conf.5.xml:1224 +#: sssd.conf.5.xml:964 sssd.conf.5.xml:1225 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:966 sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:967 sssd.conf.5.xml:1228 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:976 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:979 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:987 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:993 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1000 sssd-ifp.5.xml:74 +#: sssd.conf.5.xml:1001 sssd-ifp.5.xml:74 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1003 +#: sssd.conf.5.xml:1004 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1344,96 +1344,96 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1016 +#: sssd.conf.5.xml:1017 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1022 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1026 +#: sssd.conf.5.xml:1027 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1030 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 include/override_homedir.xml:56 +#: sssd.conf.5.xml:1035 include/override_homedir.xml:56 msgid "This option can also be set per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1038 msgid "" "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the files " "domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1045 +#: sssd.conf.5.xml:1046 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1048 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1052 +#: sssd.conf.5.xml:1053 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1055 +#: sssd.conf.5.xml:1056 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1073 +#: sssd.conf.5.xml:1061 sssd.conf.5.xml:1074 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1067 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 +#: sssd.conf.5.xml:1070 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1079 +#: sssd.conf.5.xml:1080 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1082 +#: sssd.conf.5.xml:1083 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1088 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1441,59 +1441,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1094 sssd.conf.5.xml:1192 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1100 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1103 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1108 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1111 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1114 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1118 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1121 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 sssd.8.xml:63 +#: sssd.conf.5.xml:1125 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1130 +#: sssd.conf.5.xml:1131 msgid "pam_response_filter (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1134 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1502,61 +1502,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1142 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1148 +#: sssd.conf.5.xml:1149 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1150 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1153 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1153 +#: sssd.conf.5.xml:1154 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1157 +#: sssd.conf.5.xml:1158 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1159 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1146 +#: sssd.conf.5.xml:1147 msgid "" "Currently the following filters are supported: <placeholder type=" "\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1169 msgid "Example: ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1174 +#: sssd.conf.5.xml:1175 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1178 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1564,7 +1564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1184 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1573,17 +1573,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1197 +#: sssd.conf.5.xml:1198 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1200 sssd.conf.5.xml:2078 +#: sssd.conf.5.xml:1201 sssd.conf.5.xml:2153 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1204 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1591,31 +1591,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1209 sssd.conf.5.xml:2081 +#: sssd.conf.5.xml:1210 sssd.conf.5.xml:2156 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 +#: sssd.conf.5.xml:1215 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1219 sssd.conf.5.xml:2901 sssd.8.xml:79 +#: sssd.conf.5.xml:1220 sssd.conf.5.xml:2976 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1236 +#: sssd.conf.5.xml:1237 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1240 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1625,74 +1625,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1249 +#: sssd.conf.5.xml:1250 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1253 +#: sssd.conf.5.xml:1254 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1260 +#: sssd.conf.5.xml:1261 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1263 +#: sssd.conf.5.xml:1264 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1268 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1271 +#: sssd.conf.5.xml:1272 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 +#: sssd.conf.5.xml:1276 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1279 sssd.conf.5.xml:1304 sssd.conf.5.xml:1323 -#: sssd.conf.5.xml:1875 sssd.conf.5.xml:2837 sssd-ldap.5.xml:1979 +#: sssd.conf.5.xml:1280 sssd.conf.5.xml:1305 sssd.conf.5.xml:1324 +#: sssd.conf.5.xml:1950 sssd.conf.5.xml:2912 sssd-ldap.5.xml:2017 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1284 +#: sssd.conf.5.xml:1285 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1288 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1292 +#: sssd.conf.5.xml:1293 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1300 +#: sssd.conf.5.xml:1301 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1700,19 +1700,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1309 +#: sssd.conf.5.xml:1310 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1312 +#: sssd.conf.5.xml:1313 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1320 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1720,12 +1720,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1328 +#: sssd.conf.5.xml:1329 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1332 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -1733,82 +1733,163 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1337 sssd.conf.5.xml:2930 sssd-ldap.5.xml:1087 -#: sssd-ldap.5.xml:1114 sssd-ldap.5.xml:1514 sssd-ldap.5.xml:1535 -#: sssd-ldap.5.xml:2052 include/ldap_id_mapping.xml:244 +#: sssd.conf.5.xml:1338 sssd.conf.5.xml:3056 sssd-ldap.5.xml:1125 +#: sssd-ldap.5.xml:1152 sssd-ldap.5.xml:1552 sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:2090 include/ldap_id_mapping.xml:244 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1342 +#: sssd.conf.5.xml:1343 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1346 msgid "" "The path to the certificate database which contain the PKCS#11 modules to " "access the Smartcard." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1349 sssd.conf.5.xml:1534 -#, fuzzy -#| msgid "Default: 3" +#: sssd.conf.5.xml:1350 sssd.conf.5.xml:1609 msgid "Default:" -msgstr "默认: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1351 sssd.conf.5.xml:1536 +#: sssd.conf.5.xml:1352 sssd.conf.5.xml:1611 msgid "/etc/pki/nssdb (NSS version, path to a NSS database)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1354 sssd.conf.5.xml:1539 +#: sssd.conf.5.xml:1355 sssd.conf.5.xml:1614 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " "trusted CA certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1361 sssd.conf.5.xml:1546 +#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1621 msgid "This man page was generated for the NSS version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1364 sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1365 sssd.conf.5.xml:1624 msgid "This man page was generated for the OpenSSL version." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1369 +#: sssd.conf.5.xml:1370 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 +#: sssd.conf.5.xml:1373 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1382 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1385 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1394 +msgid "pam_p11_allowed_services (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:1397 +msgid "" +"A comma-separated list of PAM service names for which it will be allowed to " +"use Smartcards." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:1412 +#, no-wrap +msgid "" +"pam_p11_allowed_services = +my_pam_service, -login\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1401 +msgid "" +"It is possible to add another PAM service name to the default set by using " +"<quote>+service_name</quote> or to explicitly remove a PAM service name from " +"the default set by using <quote>-service_name</quote>. For example, in order " +"to replace a default PAM service name for authentication with Smartcards (e." +"g. <quote>login</quote>) with a custom PAM service name (e.g. " +"<quote>my_pam_service</quote>), you would use the following configuration: " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1416 sssd-ad.5.xml:485 sssd-ad.5.xml:581 sssd-ad.5.xml:627 +#: sssd-ad.5.xml:673 sssd-ad.5.xml:739 +msgid "Default: the default set of PAM service names includes:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1421 sssd-ad.5.xml:489 +msgid "login" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1426 sssd-ad.5.xml:494 +msgid "su" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1431 sssd-ad.5.xml:499 +msgid "su-l" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1436 sssd-ad.5.xml:514 +msgid "gdm-smartcard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1441 sssd-ad.5.xml:509 +msgid "gdm-password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1446 sssd-ad.5.xml:519 +msgid "kdm" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1451 sssd-ad.5.xml:748 +msgid "sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1456 sssd-ad.5.xml:753 +msgid "sudo-i" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1461 +msgid "gnome-screensaver" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1472 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1474 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -1819,24 +1900,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1416 +#: sssd.conf.5.xml:1491 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1494 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1431 +#: sssd.conf.5.xml:1506 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1509 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -1846,22 +1927,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1528 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1455 +#: sssd.conf.5.xml:1530 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1459 +#: sssd.conf.5.xml:1534 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1462 +#: sssd.conf.5.xml:1537 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1869,51 +1950,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1478 +#: sssd.conf.5.xml:1553 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1555 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1559 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1487 +#: sssd.conf.5.xml:1562 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1496 +#: sssd.conf.5.xml:1571 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1499 +#: sssd.conf.5.xml:1574 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1578 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1508 +#: sssd.conf.5.xml:1583 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1511 +#: sssd.conf.5.xml:1586 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -1922,24 +2003,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1601 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1529 +#: sssd.conf.5.xml:1604 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1632 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1634 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1950,7 +2031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1643 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -1961,24 +2042,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1576 +#: sssd.conf.5.xml:1651 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1657 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1586 sssd-ifp.5.xml:50 +#: sssd.conf.5.xml:1661 sssd-ifp.5.xml:50 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1589 +#: sssd.conf.5.xml:1664 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1986,12 +2067,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1670 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1674 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2000,24 +2081,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1683 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1686 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1699 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1626 +#: sssd.conf.5.xml:1701 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2027,66 +2108,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1714 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1643 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:1718 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1650 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:1725 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1653 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:1728 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1658 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:1733 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1661 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:1736 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1670 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:1745 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1673 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:1748 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1646 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:1721 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1680 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:1755 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1685 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:1760 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1688 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:1763 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2094,17 +2175,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:1769 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1699 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:1774 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1702 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:1777 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2112,7 +2193,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1708 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:1783 sssd-session-recording.5.xml:129 msgid "" "NOTE: using this option (having it set to anything) has a considerable " "performance cost, because each uncached request for a user requires " @@ -2120,22 +2201,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1715 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:1790 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1725 +#: sssd.conf.5.xml:1800 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1732 +#: sssd.conf.5.xml:1807 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1810 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -2144,14 +2225,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1818 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1822 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -2160,38 +2241,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1830 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1759 +#: sssd.conf.5.xml:1834 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1838 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1769 +#: sssd.conf.5.xml:1844 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1772 +#: sssd.conf.5.xml:1847 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1777 +#: sssd.conf.5.xml:1852 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -2200,24 +2281,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1859 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1788 +#: sssd.conf.5.xml:1863 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1794 +#: sssd.conf.5.xml:1869 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1797 +#: sssd.conf.5.xml:1872 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -2226,29 +2307,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1880 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1808 +#: sssd.conf.5.xml:1883 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1811 sssd.conf.5.xml:2033 sssd.conf.5.xml:2208 +#: sssd.conf.5.xml:1886 sssd.conf.5.xml:2108 sssd.conf.5.xml:2283 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1814 +#: sssd.conf.5.xml:1889 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1819 +#: sssd.conf.5.xml:1894 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -2262,14 +2343,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1909 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1839 +#: sssd.conf.5.xml:1914 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -2278,39 +2359,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1847 +#: sssd.conf.5.xml:1922 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1855 +#: sssd.conf.5.xml:1930 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1862 +#: sssd.conf.5.xml:1937 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1863 +#: sssd.conf.5.xml:1938 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1866 +#: sssd.conf.5.xml:1941 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1867 +#: sssd.conf.5.xml:1942 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1858 +#: sssd.conf.5.xml:1933 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -2319,19 +2400,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1881 +#: sssd.conf.5.xml:1956 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1884 +#: sssd.conf.5.xml:1959 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1888 +#: sssd.conf.5.xml:1963 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -2342,151 +2423,151 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1901 +#: sssd.conf.5.xml:1976 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1907 +#: sssd.conf.5.xml:1982 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1910 +#: sssd.conf.5.xml:1985 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1914 sssd.conf.5.xml:1927 sssd.conf.5.xml:1940 -#: sssd.conf.5.xml:1953 sssd.conf.5.xml:1966 sssd.conf.5.xml:1980 -#: sssd.conf.5.xml:1994 +#: sssd.conf.5.xml:1989 sssd.conf.5.xml:2002 sssd.conf.5.xml:2015 +#: sssd.conf.5.xml:2028 sssd.conf.5.xml:2041 sssd.conf.5.xml:2055 +#: sssd.conf.5.xml:2069 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1920 +#: sssd.conf.5.xml:1995 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1923 +#: sssd.conf.5.xml:1998 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1933 +#: sssd.conf.5.xml:2008 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1936 +#: sssd.conf.5.xml:2011 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1946 +#: sssd.conf.5.xml:2021 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1949 +#: sssd.conf.5.xml:2024 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1959 +#: sssd.conf.5.xml:2034 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1962 +#: sssd.conf.5.xml:2037 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1972 +#: sssd.conf.5.xml:2047 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:2050 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1986 +#: sssd.conf.5.xml:2061 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1989 +#: sssd.conf.5.xml:2064 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2000 +#: sssd.conf.5.xml:2075 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2003 +#: sssd.conf.5.xml:2078 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2083 msgid "" "The background refresh will process users, groups and netgroups in the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2012 +#: sssd.conf.5.xml:2087 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2016 sssd-ldap.5.xml:746 sssd-ipa.5.xml:254 +#: sssd.conf.5.xml:2091 sssd-ldap.5.xml:784 sssd-ipa.5.xml:254 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2022 +#: sssd.conf.5.xml:2097 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2025 +#: sssd.conf.5.xml:2100 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2029 +#: sssd.conf.5.xml:2104 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2039 +#: sssd.conf.5.xml:2114 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2042 +#: sssd.conf.5.xml:2117 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -2494,24 +2575,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2049 +#: sssd.conf.5.xml:2124 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2054 +#: sssd.conf.5.xml:2129 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2060 +#: sssd.conf.5.xml:2135 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2063 +#: sssd.conf.5.xml:2138 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -2520,17 +2601,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2070 +#: sssd.conf.5.xml:2145 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2075 +#: sssd.conf.5.xml:2150 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2086 +#: sssd.conf.5.xml:2161 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2539,34 +2620,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:2168 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2099 +#: sssd.conf.5.xml:2174 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2102 +#: sssd.conf.5.xml:2177 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2106 +#: sssd.conf.5.xml:2181 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2109 +#: sssd.conf.5.xml:2184 msgid "" "<quote>local</quote>: SSSD internal provider for local users (DEPRECATED)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2113 +#: sssd.conf.5.xml:2188 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2574,7 +2655,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2121 +#: sssd.conf.5.xml:2196 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -2582,8 +2663,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2129 sssd.conf.5.xml:2234 sssd.conf.5.xml:2289 -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2204 sssd.conf.5.xml:2309 sssd.conf.5.xml:2364 +#: sssd.conf.5.xml:2427 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -2592,8 +2673,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2138 sssd.conf.5.xml:2243 sssd.conf.5.xml:2298 -#: sssd.conf.5.xml:2361 +#: sssd.conf.5.xml:2213 sssd.conf.5.xml:2318 sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2436 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2601,19 +2682,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2149 +#: sssd.conf.5.xml:2224 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2152 +#: sssd.conf.5.xml:2227 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2157 +#: sssd.conf.5.xml:2232 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -2622,7 +2703,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2165 +#: sssd.conf.5.xml:2240 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -2630,22 +2711,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2172 +#: sssd.conf.5.xml:2247 msgid "Default: FALSE (TRUE if default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2178 +#: sssd.conf.5.xml:2253 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2181 +#: sssd.conf.5.xml:2256 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2184 +#: sssd.conf.5.xml:2259 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -2657,7 +2738,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2202 +#: sssd.conf.5.xml:2277 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -2665,19 +2746,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2213 +#: sssd.conf.5.xml:2288 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2216 +#: sssd.conf.5.xml:2291 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2220 sssd.conf.5.xml:2282 +#: sssd.conf.5.xml:2295 sssd.conf.5.xml:2357 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2685,7 +2766,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2227 +#: sssd.conf.5.xml:2302 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2693,35 +2774,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2251 +#: sssd.conf.5.xml:2326 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2254 +#: sssd.conf.5.xml:2329 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2258 +#: sssd.conf.5.xml:2333 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2261 +#: sssd.conf.5.xml:2336 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2267 +#: sssd.conf.5.xml:2342 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2270 +#: sssd.conf.5.xml:2345 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -2729,19 +2810,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2351 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2279 +#: sssd.conf.5.xml:2354 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2306 +#: sssd.conf.5.xml:2381 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -2750,7 +2831,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2313 +#: sssd.conf.5.xml:2388 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -2758,29 +2839,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2320 +#: sssd.conf.5.xml:2395 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2323 +#: sssd.conf.5.xml:2398 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2403 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2331 +#: sssd.conf.5.xml:2406 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2411 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -2788,7 +2869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2419 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2796,35 +2877,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2369 +#: sssd.conf.5.xml:2444 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2373 +#: sssd.conf.5.xml:2448 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2376 +#: sssd.conf.5.xml:2451 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2383 +#: sssd.conf.5.xml:2458 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2386 +#: sssd.conf.5.xml:2461 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2390 +#: sssd.conf.5.xml:2465 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2832,32 +2913,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2473 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2402 +#: sssd.conf.5.xml:2477 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2406 +#: sssd.conf.5.xml:2481 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2409 sssd.conf.5.xml:2495 sssd.conf.5.xml:2565 -#: sssd.conf.5.xml:2590 +#: sssd.conf.5.xml:2484 sssd.conf.5.xml:2570 sssd.conf.5.xml:2640 +#: sssd.conf.5.xml:2665 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2413 +#: sssd.conf.5.xml:2488 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -2868,7 +2949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2428 +#: sssd.conf.5.xml:2503 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -2877,12 +2958,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2438 +#: sssd.conf.5.xml:2513 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2441 +#: sssd.conf.5.xml:2516 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2890,7 +2971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2447 +#: sssd.conf.5.xml:2522 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2898,31 +2979,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2455 +#: sssd.conf.5.xml:2530 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2458 +#: sssd.conf.5.xml:2533 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2464 +#: sssd.conf.5.xml:2539 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2467 +#: sssd.conf.5.xml:2542 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 +#: sssd.conf.5.xml:2548 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2930,7 +3011,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2482 +#: sssd.conf.5.xml:2557 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -2939,17 +3020,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2491 +#: sssd.conf.5.xml:2566 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2501 +#: sssd.conf.5.xml:2576 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2504 +#: sssd.conf.5.xml:2579 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -2957,43 +3038,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2511 +#: sssd.conf.5.xml:2586 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2515 +#: sssd.conf.5.xml:2590 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2519 +#: sssd.conf.5.xml:2594 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2523 +#: sssd.conf.5.xml:2598 msgid "" "<emphasis>NOTE:</emphasis> In order to have this feature working as expected " "SSSD must be running as \"root\" and not as the unprivileged user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2531 +#: sssd.conf.5.xml:2606 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2534 +#: sssd.conf.5.xml:2609 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2538 +#: sssd.conf.5.xml:2613 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3001,7 +3082,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2545 +#: sssd.conf.5.xml:2620 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3009,7 +3090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2553 +#: sssd.conf.5.xml:2628 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3017,24 +3098,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2562 +#: sssd.conf.5.xml:2637 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2647 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2650 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2579 +#: sssd.conf.5.xml:2654 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3042,12 +3123,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2662 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2600 +#: sssd.conf.5.xml:2675 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -3057,7 +3138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2684 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -3066,29 +3147,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2614 +#: sssd.conf.5.xml:2689 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2692 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2620 +#: sssd.conf.5.xml:2695 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2623 +#: sssd.conf.5.xml:2698 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2703 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -3096,7 +3177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2709 msgid "" "NOTE: Some Active Directory groups, typically those used for MS Exchange " "contain an <quote>@</quote> sign in the name, which clashes with the default " @@ -3106,59 +3187,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2685 +#: sssd.conf.5.xml:2760 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2766 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2694 +#: sssd.conf.5.xml:2769 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2698 +#: sssd.conf.5.xml:2773 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2701 +#: sssd.conf.5.xml:2776 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2704 +#: sssd.conf.5.xml:2779 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2707 +#: sssd.conf.5.xml:2782 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2710 +#: sssd.conf.5.xml:2785 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2788 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2719 +#: sssd.conf.5.xml:2794 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2722 +#: sssd.conf.5.xml:2797 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -3167,77 +3248,77 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2729 +#: sssd.conf.5.xml:2804 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1438 -#: sssd-ldap.5.xml:1456 sssd-krb5.5.xml:248 +#: sssd.conf.5.xml:2809 sssd-ldap.5.xml:1434 sssd-ldap.5.xml:1476 +#: sssd-ldap.5.xml:1494 sssd-krb5.5.xml:248 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2740 +#: sssd.conf.5.xml:2815 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2743 +#: sssd.conf.5.xml:2818 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2747 +#: sssd.conf.5.xml:2822 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2753 +#: sssd.conf.5.xml:2828 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2756 +#: sssd.conf.5.xml:2831 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2762 +#: sssd.conf.5.xml:2837 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2845 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2848 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2779 +#: sssd.conf.5.xml:2854 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2781 +#: sssd.conf.5.xml:2856 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2785 +#: sssd.conf.5.xml:2860 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2788 +#: sssd.conf.5.xml:2863 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -3245,7 +3326,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2765 +#: sssd.conf.5.xml:2840 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider. Possible option values are: " @@ -3253,17 +3334,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2800 +#: sssd.conf.5.xml:2875 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2806 +#: sssd.conf.5.xml:2881 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2884 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -3271,34 +3352,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2815 +#: sssd.conf.5.xml:2890 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2818 +#: sssd.conf.5.xml:2893 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2821 sssd-ldap.5.xml:1120 +#: sssd.conf.5.xml:2896 sssd-ldap.5.xml:1158 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2824 +#: sssd.conf.5.xml:2899 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2827 +#: sssd.conf.5.xml:2902 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2908 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -3306,32 +3387,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2831 sssd-secrets.5.xml:448 +#: sssd.conf.5.xml:2906 sssd-secrets.5.xml:448 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2840 +#: sssd.conf.5.xml:2915 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2847 +#: sssd.conf.5.xml:2922 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2858 +#: sssd.conf.5.xml:2933 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2859 +#: sssd.conf.5.xml:2934 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2925 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -3341,34 +3422,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2939 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2868 +#: sssd.conf.5.xml:2943 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2873 +#: sssd.conf.5.xml:2948 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2876 +#: sssd.conf.5.xml:2951 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2882 +#: sssd.conf.5.xml:2957 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2960 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -3376,12 +3457,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2891 +#: sssd.conf.5.xml:2966 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2895 +#: sssd.conf.5.xml:2970 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -3389,26 +3470,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2906 +#: sssd.conf.5.xml:2981 msgid "auto_private_groups (string)" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2987 +msgid "true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2990 +msgid "" +"Create user's private group unconditionally from user's UID number. The GID " +"number is ignored in this case." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:2996 +msgid "false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:2999 +msgid "" +"Always use the user's primary GID number. The GID number must refer to a " +"group object in the LDAP database." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:3005 +msgid "hybrid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3008 +msgid "" +"A primary group is autogenerated for user entries whose UID and GID numbers " +"have the same value and at the same time the GID number does not correspond " +"to a real group object in LDAP If the values are the same, but the primary " +"GID in the user entry is also used by a group object, the primary GID of the " +"user resolves to that group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3021 +msgid "" +"If the UID and GID of a user are different, then the GID must correspond to " +"a group entry, otherwise the GID is simply not resolvable." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:3028 +msgid "" +"This feature is useful for environments that wish to stop maintaining a " +"separate group objects for the user private groups, but also wish to retain " +"the existing user private groups." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2909 +#: sssd.conf.5.xml:2984 msgid "" -"If this option is enabled, SSSD will automatically create user private " -"groups based on user's UID number. The GID number is ignored in this case." +"This option takes any of three available values: <placeholder type=" +"\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 +#: sssd.conf.5.xml:3040 msgid "" "For POSIX subdomains, setting the option in the main domain is inherited in " "the subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2918 +#: sssd.conf.5.xml:3044 msgid "" "For ID-mapping subdomains, auto_private_groups is already enabled for the " "subdomains and setting it to false will not have any effect for the " @@ -3416,7 +3551,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:3049 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -3425,7 +3560,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1727 +#: sssd.conf.5.xml:1802 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -3433,29 +3568,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2942 +#: sssd.conf.5.xml:3068 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2945 +#: sssd.conf.5.xml:3071 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:3074 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2956 +#: sssd.conf.5.xml:3082 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2959 +#: sssd.conf.5.xml:3085 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -3463,12 +3598,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:3095 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:3098 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -3477,12 +3612,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2986 +#: sssd.conf.5.xml:3112 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2989 +#: sssd.conf.5.xml:3115 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -3490,19 +3625,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2938 +#: sssd.conf.5.xml:3064 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3005 +#: sssd.conf.5.xml:3131 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3007 +#: sssd.conf.5.xml:3133 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -3519,7 +3654,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3027 +#: sssd.conf.5.xml:3153 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -3527,17 +3662,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:3033 +#: sssd.conf.5.xml:3159 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3035 +#: sssd.conf.5.xml:3161 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3038 +#: sssd.conf.5.xml:3164 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -3546,7 +3681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3052 +#: sssd.conf.5.xml:3178 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -3556,7 +3691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:3060 +#: sssd.conf.5.xml:3186 #, no-wrap msgid "" "[sssd]\n" @@ -3576,12 +3711,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:3078 +#: sssd.conf.5.xml:3204 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:3080 +#: sssd.conf.5.xml:3206 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -3589,73 +3724,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3213 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3216 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3094 +#: sssd.conf.5.xml:3220 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3099 +#: sssd.conf.5.xml:3225 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3102 +#: sssd.conf.5.xml:3228 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3107 +#: sssd.conf.5.xml:3233 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3112 +#: sssd.conf.5.xml:3238 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3115 +#: sssd.conf.5.xml:3241 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3119 sssd.conf.5.xml:3131 +#: sssd.conf.5.xml:3245 sssd.conf.5.xml:3257 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3250 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3253 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3136 +#: sssd.conf.5.xml:3262 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3139 +#: sssd.conf.5.xml:3265 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -3663,17 +3798,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3147 +#: sssd.conf.5.xml:3273 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3152 +#: sssd.conf.5.xml:3278 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3155 +#: sssd.conf.5.xml:3281 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -3682,17 +3817,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3291 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3170 +#: sssd.conf.5.xml:3296 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3173 +#: sssd.conf.5.xml:3299 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -3700,17 +3835,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3180 +#: sssd.conf.5.xml:3306 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3185 +#: sssd.conf.5.xml:3311 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3188 +#: sssd.conf.5.xml:3314 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -3718,17 +3853,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3194 +#: sssd.conf.5.xml:3320 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3204 +#: sssd.conf.5.xml:3330 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3206 +#: sssd.conf.5.xml:3332 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -3739,64 +3874,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3339 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3214 +#: sssd.conf.5.xml:3340 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3215 +#: sssd.conf.5.xml:3341 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3216 +#: sssd.conf.5.xml:3342 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3217 +#: sssd.conf.5.xml:3343 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3218 +#: sssd.conf.5.xml:3344 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3219 +#: sssd.conf.5.xml:3345 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3346 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3221 sssd-ipa.5.xml:782 +#: sssd.conf.5.xml:3347 sssd-ipa.5.xml:782 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3223 +#: sssd.conf.5.xml:3349 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:3229 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:3355 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3361 #, no-wrap msgid "" "[sssd]\n" @@ -3826,7 +3961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3231 +#: sssd.conf.5.xml:3357 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -3835,7 +3970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3394 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -3843,7 +3978,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:3262 +#: sssd.conf.5.xml:3388 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -3992,7 +4127,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:662 sssd-ad.5.xml:286 +#: sssd-ldap.5.xml:126 sssd-ldap.5.xml:700 sssd-ad.5.xml:286 #: sss_override.8.xml:137 sss_override.8.xml:234 msgid "Examples:" msgstr "" @@ -4087,123 +4222,164 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:209 -msgid "ldap_default_bind_dn (string)" +msgid "ldap_pwmodify_mode (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:212 +msgid "Specify the operation that is used to modify user password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:216 +msgid "Two modes are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:220 +msgid "exop - Password Modify Extended Operation (RFC 3062)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "ldap_modify - Direct modification of userPassword (not recommended)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:233 +msgid "" +"Note: First, a new connection is established to verify current password by " +"binding as the user that requested password change. If successful, this " +"connection is used to change the password therefore the user must have write " +"access to userPassword attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:241 +#, fuzzy +#| msgid "Default: 3" +msgid "Default: exop" +msgstr "默认: 3" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:247 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:250 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:219 +#: sssd-ldap.5.xml:257 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:222 +#: sssd-ldap.5.xml:260 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:226 +#: sssd-ldap.5.xml:264 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:229 +#: sssd-ldap.5.xml:267 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#: sssd-ldap.5.xml:270 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:235 +#: sssd-ldap.5.xml:273 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:241 +#: sssd-ldap.5.xml:279 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:244 +#: sssd-ldap.5.xml:282 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#: sssd-ldap.5.xml:289 msgid "ldap_user_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:292 msgid "The object class of a user entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:295 msgid "Default: posixAccount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:263 +#: sssd-ldap.5.xml:301 msgid "ldap_user_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:266 +#: sssd-ldap.5.xml:304 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:270 +#: sssd-ldap.5.xml:308 msgid "Default: uid (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:315 msgid "ldap_user_uid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:318 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:284 +#: sssd-ldap.5.xml:322 msgid "Default: uidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:290 +#: sssd-ldap.5.xml:328 msgid "ldap_user_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:293 +#: sssd-ldap.5.xml:331 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:335 sssd-ldap.5.xml:967 msgid "Default: gidNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:341 msgid "ldap_user_primary_group (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:344 msgid "" "Active Directory primary group attribute for ID-mapping. Note that this " "attribute should only be set manually if you are running the <quote>ldap</" @@ -4211,113 +4387,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:312 +#: sssd-ldap.5.xml:350 msgid "Default: unset (LDAP), primaryGroupID (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:318 +#: sssd-ldap.5.xml:356 msgid "ldap_user_gecos (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:321 +#: sssd-ldap.5.xml:359 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:325 +#: sssd-ldap.5.xml:363 msgid "Default: gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:331 +#: sssd-ldap.5.xml:369 msgid "ldap_user_home_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:334 +#: sssd-ldap.5.xml:372 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:376 msgid "Default: homeDirectory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:344 +#: sssd-ldap.5.xml:382 msgid "ldap_user_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:385 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:351 +#: sssd-ldap.5.xml:389 msgid "Default: loginShell" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:357 +#: sssd-ldap.5.xml:395 msgid "ldap_user_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:360 +#: sssd-ldap.5.xml:398 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 sssd-ldap.5.xml:955 +#: sssd-ldap.5.xml:402 sssd-ldap.5.xml:993 msgid "" "Default: not set in the general case, objectGUID for AD and ipaUniqueID for " "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:371 +#: sssd-ldap.5.xml:409 msgid "ldap_user_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:374 +#: sssd-ldap.5.xml:412 msgid "" "The LDAP attribute that contains the objectSID of an LDAP user object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:379 sssd-ldap.5.xml:970 +#: sssd-ldap.5.xml:417 sssd-ldap.5.xml:1008 msgid "Default: objectSid for ActiveDirectory, not set for other servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:424 msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:389 sssd-ldap.5.xml:980 sssd-ldap.5.xml:1203 +#: sssd-ldap.5.xml:427 sssd-ldap.5.xml:1018 sssd-ldap.5.xml:1241 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:393 sssd-ldap.5.xml:984 sssd-ldap.5.xml:1210 +#: sssd-ldap.5.xml:431 sssd-ldap.5.xml:1022 sssd-ldap.5.xml:1248 msgid "Default: modifyTimestamp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:399 +#: sssd-ldap.5.xml:437 msgid "ldap_user_shadow_last_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:402 +#: sssd-ldap.5.xml:440 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4326,17 +4502,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#: sssd-ldap.5.xml:450 msgid "Default: shadowLastChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#: sssd-ldap.5.xml:456 msgid "ldap_user_shadow_min (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#: sssd-ldap.5.xml:459 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4345,17 +4521,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:430 +#: sssd-ldap.5.xml:468 msgid "Default: shadowMin" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:436 +#: sssd-ldap.5.xml:474 msgid "ldap_user_shadow_max (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:477 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4364,17 +4540,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:448 +#: sssd-ldap.5.xml:486 msgid "Default: shadowMax" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:492 msgid "ldap_user_shadow_warning (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:495 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4383,17 +4559,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:467 +#: sssd-ldap.5.xml:505 msgid "Default: shadowWarning" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:473 +#: sssd-ldap.5.xml:511 msgid "ldap_user_shadow_inactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:476 +#: sssd-ldap.5.xml:514 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" @@ -4402,17 +4578,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:486 +#: sssd-ldap.5.xml:524 msgid "Default: shadowInactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:492 +#: sssd-ldap.5.xml:530 msgid "ldap_user_shadow_expire (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:495 +#: sssd-ldap.5.xml:533 msgid "" "When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " "parameter contains the name of an LDAP attribute corresponding to its " @@ -4421,17 +4597,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:505 +#: sssd-ldap.5.xml:543 msgid "Default: shadowExpire" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:511 +#: sssd-ldap.5.xml:549 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:514 +#: sssd-ldap.5.xml:552 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " @@ -4439,155 +4615,155 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:520 +#: sssd-ldap.5.xml:558 msgid "Default: krbLastPwdChange" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:526 +#: sssd-ldap.5.xml:564 msgid "ldap_user_krb_password_expiration (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:529 +#: sssd-ldap.5.xml:567 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:573 msgid "Default: krbPasswordExpiration" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:541 +#: sssd-ldap.5.xml:579 msgid "ldap_user_ad_account_expires (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:544 +#: sssd-ldap.5.xml:582 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the expiration time of the account." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:549 +#: sssd-ldap.5.xml:587 msgid "Default: accountExpires" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:593 msgid "ldap_user_ad_user_account_control (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:596 msgid "" "When using ldap_account_expire_policy=ad, this parameter contains the name " "of an LDAP attribute storing the user account control bit field." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:563 +#: sssd-ldap.5.xml:601 msgid "Default: userAccountControl" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:569 +#: sssd-ldap.5.xml:607 msgid "ldap_ns_account_lock (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:572 +#: sssd-ldap.5.xml:610 msgid "" "When using ldap_account_expire_policy=rhds or equivalent, this parameter " "determines if access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:577 +#: sssd-ldap.5.xml:615 msgid "Default: nsAccountLock" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#: sssd-ldap.5.xml:621 msgid "ldap_user_nds_login_disabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#: sssd-ldap.5.xml:624 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines if " "access is allowed or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:590 sssd-ldap.5.xml:604 +#: sssd-ldap.5.xml:628 sssd-ldap.5.xml:642 msgid "Default: loginDisabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:596 +#: sssd-ldap.5.xml:634 msgid "ldap_user_nds_login_expiration_time (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:599 +#: sssd-ldap.5.xml:637 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines until " "which date access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:610 +#: sssd-ldap.5.xml:648 msgid "ldap_user_nds_login_allowed_time_map (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:651 msgid "" "When using ldap_account_expire_policy=nds, this attribute determines the " "hours of a day in a week when access is granted." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:656 msgid "Default: loginAllowedTimeMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#: sssd-ldap.5.xml:662 msgid "ldap_user_principal (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#: sssd-ldap.5.xml:665 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#: sssd-ldap.5.xml:669 msgid "Default: krbPrincipalName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:675 msgid "ldap_user_extra_attrs (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:678 msgid "" "Comma-separated list of LDAP attributes that SSSD would fetch along with the " "usual set of user attributes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:645 +#: sssd-ldap.5.xml:683 msgid "" "The list can either contain LDAP attribute names only, or colon-separated " "tuples of SSSD cache attribute name and LDAP attribute name. In case only " @@ -4597,7 +4773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:655 +#: sssd-ldap.5.xml:693 msgid "" "Please note that several attribute names are reserved by SSSD, notably the " "<quote>name</quote> attribute. SSSD would report an error if any of the " @@ -4605,51 +4781,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:665 +#: sssd-ldap.5.xml:703 msgid "ldap_user_extra_attrs = telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:668 +#: sssd-ldap.5.xml:706 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as " "<quote>telephoneNumber</quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:672 +#: sssd-ldap.5.xml:710 msgid "ldap_user_extra_attrs = phone:telephoneNumber" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:675 +#: sssd-ldap.5.xml:713 msgid "" "Save the <quote>telephoneNumber</quote> attribute from LDAP as <quote>phone</" "quote> to the cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:685 +#: sssd-ldap.5.xml:723 msgid "ldap_user_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:688 +#: sssd-ldap.5.xml:726 msgid "The LDAP attribute that contains the user's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:692 sssd-ldap.5.xml:1306 +#: sssd-ldap.5.xml:730 sssd-ldap.5.xml:1344 msgid "Default: sshPublicKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:698 +#: sssd-ldap.5.xml:736 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:701 +#: sssd-ldap.5.xml:739 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -4658,24 +4834,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:714 +#: sssd-ldap.5.xml:752 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:717 +#: sssd-ldap.5.xml:755 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:728 +#: sssd-ldap.5.xml:766 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:769 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -4683,7 +4859,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:737 +#: sssd-ldap.5.xml:775 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -4692,43 +4868,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:752 +#: sssd-ldap.5.xml:790 msgid "ldap_user_fullname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:755 +#: sssd-ldap.5.xml:793 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 sssd-ldap.5.xml:1161 sssd-ldap.5.xml:1235 -#: sssd-ldap.5.xml:1344 sssd-ldap.5.xml:2405 sssd-ipa.5.xml:607 +#: sssd-ldap.5.xml:797 sssd-ldap.5.xml:1199 sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1382 sssd-ldap.5.xml:2443 sssd-ipa.5.xml:607 msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:765 +#: sssd-ldap.5.xml:803 msgid "ldap_user_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#: sssd-ldap.5.xml:806 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 sssd-ldap.5.xml:1274 +#: sssd-ldap.5.xml:810 sssd-ldap.5.xml:1312 msgid "Default: memberOf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#: sssd-ldap.5.xml:816 msgid "ldap_user_authorized_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#: sssd-ldap.5.xml:819 msgid "" "If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " "use the presence of the authorizedService attribute in the user's LDAP entry " @@ -4736,14 +4912,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:788 +#: sssd-ldap.5.xml:826 msgid "" "An explicit deny (!svc) is resolved first. Second, SSSD searches for " "explicit allow (svc) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:793 +#: sssd-ldap.5.xml:831 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>authorized_service</quote> in order for the " @@ -4751,17 +4927,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:800 +#: sssd-ldap.5.xml:838 msgid "Default: authorizedService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:806 +#: sssd-ldap.5.xml:844 msgid "ldap_user_authorized_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:809 +#: sssd-ldap.5.xml:847 msgid "" "If access_provider=ldap and ldap_access_order=host, SSSD will use the " "presence of the host attribute in the user's LDAP entry to determine access " @@ -4769,14 +4945,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:853 msgid "" "An explicit deny (!host) is resolved first. Second, SSSD searches for " "explicit allow (host) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:820 +#: sssd-ldap.5.xml:858 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>host</quote> in order for the " @@ -4784,17 +4960,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:865 msgid "Default: host" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:833 +#: sssd-ldap.5.xml:871 msgid "ldap_user_authorized_rhost (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:836 +#: sssd-ldap.5.xml:874 msgid "" "If access_provider=ldap and ldap_access_order=rhost, SSSD will use the " "presence of the rhost attribute in the user's LDAP entry to determine access " @@ -4802,14 +4978,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:843 +#: sssd-ldap.5.xml:881 msgid "" "An explicit deny (!rhost) is resolved first. Second, SSSD searches for " "explicit allow (rhost) and finally for allow_all (*)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:848 +#: sssd-ldap.5.xml:886 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>rhost</quote> in order for the " @@ -4817,37 +4993,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:893 msgid "Default: rhost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:861 +#: sssd-ldap.5.xml:899 msgid "ldap_user_certificate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:864 +#: sssd-ldap.5.xml:902 msgid "Name of the LDAP attribute containing the X509 certificate of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:906 msgid "Default: userCertificate;binary" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:912 msgid "ldap_user_email (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:915 msgid "Name of the LDAP attribute containing the email address of the user." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#: sssd-ldap.5.xml:919 msgid "" "Note: If an email address of a user conflicts with an email address or fully " "qualified name of another user, then SSSD will not be able to serve those " @@ -4857,106 +5033,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:890 +#: sssd-ldap.5.xml:928 msgid "Default: mail" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:934 msgid "ldap_group_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:937 msgid "The object class of a group entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:902 +#: sssd-ldap.5.xml:940 msgid "Default: posixGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:908 +#: sssd-ldap.5.xml:946 msgid "ldap_group_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:911 +#: sssd-ldap.5.xml:949 msgid "The LDAP attribute that corresponds to the group name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:953 msgid "Default: cn (rfc2307, rfc2307bis and IPA), sAMAccountName (AD)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:922 +#: sssd-ldap.5.xml:960 msgid "ldap_group_gid_number (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:925 +#: sssd-ldap.5.xml:963 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:973 msgid "ldap_group_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:938 +#: sssd-ldap.5.xml:976 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#: sssd-ldap.5.xml:980 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:986 msgid "ldap_group_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:951 +#: sssd-ldap.5.xml:989 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:962 +#: sssd-ldap.5.xml:1000 msgid "ldap_group_objectsid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:965 +#: sssd-ldap.5.xml:1003 msgid "" "The LDAP attribute that contains the objectSID of an LDAP group object. This " "is usually only necessary for ActiveDirectory servers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:1015 msgid "ldap_group_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:990 +#: sssd-ldap.5.xml:1028 msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1031 msgid "" "The LDAP attribute that contains an integer value indicating the type of the " "group and maybe other flags." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#: sssd-ldap.5.xml:1036 msgid "" "This attribute is currently only used by the AD provider to determine if a " "group is a domain local groups and has to be filtered out for trusted " @@ -4964,34 +5140,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:1042 msgid "Default: groupType in the AD provider, otherwise not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1011 +#: sssd-ldap.5.xml:1049 msgid "ldap_group_external_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1014 +#: sssd-ldap.5.xml:1052 msgid "" "The LDAP attribute that references group members that are defined in an " "external domain. At the moment, only IPA's external members are supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:1058 msgid "Default: ipaExternalMember in the IPA provider, otherwise unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1065 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1030 +#: sssd-ldap.5.xml:1068 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4999,7 +5175,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1037 +#: sssd-ldap.5.xml:1075 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5009,7 +5185,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#: sssd-ldap.5.xml:1084 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5019,17 +5195,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1055 +#: sssd-ldap.5.xml:1093 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1061 +#: sssd-ldap.5.xml:1099 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1102 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -5037,14 +5213,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1070 +#: sssd-ldap.5.xml:1108 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1075 sssd-ldap.5.xml:1102 +#: sssd-ldap.5.xml:1113 sssd-ldap.5.xml:1140 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -5052,7 +5228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1081 sssd-ldap.5.xml:1108 +#: sssd-ldap.5.xml:1119 sssd-ldap.5.xml:1146 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -5061,12 +5237,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1093 +#: sssd-ldap.5.xml:1131 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1096 +#: sssd-ldap.5.xml:1134 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -5074,172 +5250,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1123 +#: sssd-ldap.5.xml:1161 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1128 +#: sssd-ldap.5.xml:1166 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1172 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1137 +#: sssd-ldap.5.xml:1175 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1140 +#: sssd-ldap.5.xml:1178 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1144 +#: sssd-ldap.5.xml:1182 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1150 +#: sssd-ldap.5.xml:1188 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1153 +#: sssd-ldap.5.xml:1191 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 +#: sssd-ldap.5.xml:1195 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1167 +#: sssd-ldap.5.xml:1205 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1170 +#: sssd-ldap.5.xml:1208 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1174 +#: sssd-ldap.5.xml:1212 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1178 +#: sssd-ldap.5.xml:1216 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1184 +#: sssd-ldap.5.xml:1222 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1187 +#: sssd-ldap.5.xml:1225 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 sssd-ldap.5.xml:1207 +#: sssd-ldap.5.xml:1229 sssd-ldap.5.xml:1245 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1232 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1238 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1216 +#: sssd-ldap.5.xml:1254 msgid "ldap_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1219 +#: sssd-ldap.5.xml:1257 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1222 sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1260 sssd-ldap.5.xml:1369 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1266 msgid "ldap_host_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1231 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1269 sssd-ldap.5.xml:1295 msgid "The LDAP attribute that corresponds to the host's name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1241 +#: sssd-ldap.5.xml:1279 msgid "ldap_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1244 +#: sssd-ldap.5.xml:1282 msgid "" "The LDAP attribute that corresponds to the host's fully-qualified domain " "name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1286 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1254 +#: sssd-ldap.5.xml:1292 msgid "ldap_host_serverhostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1261 +#: sssd-ldap.5.xml:1299 msgid "Default: serverHostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1267 +#: sssd-ldap.5.xml:1305 msgid "ldap_host_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1270 +#: sssd-ldap.5.xml:1308 msgid "The LDAP attribute that lists the host's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1280 +#: sssd-ldap.5.xml:1318 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1283 +#: sssd-ldap.5.xml:1321 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1287 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 +#: sssd-ldap.5.xml:1325 sssd-ipa.5.xml:359 sssd-ipa.5.xml:378 #: sssd-ipa.5.xml:397 sssd-ipa.5.xml:416 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " @@ -5247,95 +5423,95 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:1292 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:1330 sssd-ipa.5.xml:364 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1299 +#: sssd-ldap.5.xml:1337 msgid "ldap_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1340 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1312 +#: sssd-ldap.5.xml:1350 msgid "ldap_host_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1353 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP host object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1363 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1366 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1375 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1340 +#: sssd-ldap.5.xml:1378 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1350 +#: sssd-ldap.5.xml:1388 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1353 +#: sssd-ldap.5.xml:1391 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1357 +#: sssd-ldap.5.xml:1395 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1363 +#: sssd-ldap.5.xml:1401 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1366 +#: sssd-ldap.5.xml:1404 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1370 +#: sssd-ldap.5.xml:1408 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1376 +#: sssd-ldap.5.xml:1414 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1381 +#: sssd-ldap.5.xml:1419 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1384 +#: sssd-ldap.5.xml:1422 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5343,7 +5519,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1390 +#: sssd-ldap.5.xml:1428 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5351,12 +5527,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1402 +#: sssd-ldap.5.xml:1440 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1443 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5364,12 +5540,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1456 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1459 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5380,12 +5556,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1444 +#: sssd-ldap.5.xml:1482 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1447 +#: sssd-ldap.5.xml:1485 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5394,12 +5570,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1462 +#: sssd-ldap.5.xml:1500 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 +#: sssd-ldap.5.xml:1503 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5408,34 +5584,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 sssd-ldap.5.xml:2562 +#: sssd-ldap.5.xml:1511 sssd-ldap.5.xml:2600 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1479 +#: sssd-ldap.5.xml:1517 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1520 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1487 +#: sssd-ldap.5.xml:1525 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1493 +#: sssd-ldap.5.xml:1531 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1534 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -5443,14 +5619,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1502 +#: sssd-ldap.5.xml:1540 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1508 +#: sssd-ldap.5.xml:1546 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -5458,17 +5634,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1558 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1561 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1526 +#: sssd-ldap.5.xml:1564 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -5478,12 +5654,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1541 +#: sssd-ldap.5.xml:1579 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1582 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -5491,17 +5667,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1550 +#: sssd-ldap.5.xml:1588 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 +#: sssd-ldap.5.xml:1595 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1598 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -5509,13 +5685,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1604 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1608 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -5524,7 +5700,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1578 +#: sssd-ldap.5.xml:1616 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -5532,26 +5708,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1591 +#: sssd-ldap.5.xml:1629 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1594 +#: sssd-ldap.5.xml:1632 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1600 +#: sssd-ldap.5.xml:1638 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1604 +#: sssd-ldap.5.xml:1642 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5559,7 +5735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1611 +#: sssd-ldap.5.xml:1649 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -5567,7 +5743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1655 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -5575,41 +5751,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1661 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 +#: sssd-ldap.5.xml:1665 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1633 +#: sssd-ldap.5.xml:1671 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1636 +#: sssd-ldap.5.xml:1674 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 sssd-ldap.5.xml:1659 sssd-ldap.5.xml:1700 +#: sssd-ldap.5.xml:1679 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:1738 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1686 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1651 +#: sssd-ldap.5.xml:1689 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -5618,32 +5794,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1666 +#: sssd-ldap.5.xml:1704 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1707 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1717 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1720 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1691 +#: sssd-ldap.5.xml:1729 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1694 +#: sssd-ldap.5.xml:1732 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -5651,24 +5827,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1707 +#: sssd-ldap.5.xml:1745 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1748 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1758 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1761 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -5676,17 +5852,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1767 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1777 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1742 +#: sssd-ldap.5.xml:1780 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -5697,29 +5873,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1754 +#: sssd-ldap.5.xml:1792 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1760 +#: sssd-ldap.5.xml:1798 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1801 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1773 +#: sssd-ldap.5.xml:1811 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1822 #, no-wrap msgid "" "hostname@REALM\n" @@ -5732,7 +5908,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1776 +#: sssd-ldap.5.xml:1814 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -5744,17 +5920,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1795 +#: sssd-ldap.5.xml:1833 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1801 +#: sssd-ldap.5.xml:1839 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1842 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -5762,49 +5938,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1848 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1854 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1857 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1824 +#: sssd-ldap.5.xml:1862 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1868 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1833 +#: sssd-ldap.5.xml:1871 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1874 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1880 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1883 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -5812,27 +5988,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1895 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1860 +#: sssd-ldap.5.xml:1898 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1864 sssd-ad.5.xml:937 +#: sssd-ldap.5.xml:1902 sssd-ad.5.xml:959 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1870 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1908 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1873 +#: sssd-ldap.5.xml:1911 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -5844,7 +6020,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1923 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -5852,7 +6028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1890 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1928 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -5860,39 +6036,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1899 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1937 sssd-ipa.5.xml:428 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1940 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1943 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 sssd-krb5.5.xml:462 +#: sssd-ldap.5.xml:1949 sssd-krb5.5.xml:462 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1952 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 sssd-krb5.5.xml:477 +#: sssd-ldap.5.xml:1964 sssd-krb5.5.xml:477 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 sssd-krb5.5.xml:480 +#: sssd-ldap.5.xml:1967 sssd-krb5.5.xml:480 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -5902,7 +6078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1940 sssd-krb5.5.xml:491 +#: sssd-ldap.5.xml:1978 sssd-krb5.5.xml:491 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -5910,26 +6086,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1954 +#: sssd-ldap.5.xml:1992 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1995 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1962 +#: sssd-ldap.5.xml:2000 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:2005 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5937,7 +6113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1973 +#: sssd-ldap.5.xml:2011 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5945,31 +6121,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1982 +#: sssd-ldap.5.xml:2020 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2028 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2031 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1997 +#: sssd-ldap.5.xml:2035 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2002 +#: sssd-ldap.5.xml:2040 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5978,56 +6154,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2016 +#: sssd-ldap.5.xml:2054 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2019 +#: sssd-ldap.5.xml:2057 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2023 +#: sssd-ldap.5.xml:2061 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2029 +#: sssd-ldap.5.xml:2067 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2070 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2037 +#: sssd-ldap.5.xml:2075 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2081 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2046 +#: sssd-ldap.5.xml:2084 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2058 +#: sssd-ldap.5.xml:2096 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2061 +#: sssd-ldap.5.xml:2099 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6043,12 +6219,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2081 +#: sssd-ldap.5.xml:2119 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2122 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6057,14 +6233,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2088 +#: sssd-ldap.5.xml:2126 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2131 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6073,24 +6249,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 sssd-ldap.5.xml:2158 +#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2196 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2107 +#: sssd-ldap.5.xml:2145 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2110 +#: sssd-ldap.5.xml:2148 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2114 +#: sssd-ldap.5.xml:2152 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6098,19 +6274,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2159 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2124 +#: sssd-ldap.5.xml:2162 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2129 +#: sssd-ldap.5.xml:2167 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6119,7 +6295,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2136 +#: sssd-ldap.5.xml:2174 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6127,7 +6303,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2180 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6136,7 +6312,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2151 +#: sssd-ldap.5.xml:2189 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6144,22 +6320,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2164 +#: sssd-ldap.5.xml:2202 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2167 +#: sssd-ldap.5.xml:2205 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2171 +#: sssd-ldap.5.xml:2209 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2174 +#: sssd-ldap.5.xml:2212 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6169,14 +6345,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2184 +#: sssd-ldap.5.xml:2222 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2191 +#: sssd-ldap.5.xml:2229 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6189,12 +6365,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2208 +#: sssd-ldap.5.xml:2246 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2250 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6204,7 +6380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2260 msgid "" "The difference between these options is the action taken if user password is " "expired: pwd_expire_policy_reject - user is denied to log in, " @@ -6214,63 +6390,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2230 +#: sssd-ldap.5.xml:2268 msgid "" "Note If user password is expired no explicit message is prompted by SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2234 +#: sssd-ldap.5.xml:2272 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to an appropriate password policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2277 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2282 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2248 +#: sssd-ldap.5.xml:2286 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2252 +#: sssd-ldap.5.xml:2290 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2257 +#: sssd-ldap.5.xml:2295 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2298 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2305 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2270 +#: sssd-ldap.5.xml:2308 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6279,74 +6455,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2278 +#: sssd-ldap.5.xml:2316 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2281 +#: sssd-ldap.5.xml:2319 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2325 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 +#: sssd-ldap.5.xml:2328 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2295 +#: sssd-ldap.5.xml:2333 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2299 +#: sssd-ldap.5.xml:2337 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2342 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2309 +#: sssd-ldap.5.xml:2347 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2314 +#: sssd-ldap.5.xml:2352 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2322 +#: sssd-ldap.5.xml:2360 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2363 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2329 +#: sssd-ldap.5.xml:2367 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -6357,7 +6533,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2378 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -6365,24 +6541,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2352 sssd-ifp.5.xml:136 +#: sssd-ldap.5.xml:2390 sssd-ifp.5.xml:136 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2355 +#: sssd-ldap.5.xml:2393 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2359 +#: sssd-ldap.5.xml:2397 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2363 +#: sssd-ldap.5.xml:2401 msgid "Default: 1000 (often the size of one page)" msgstr "" @@ -6397,12 +6573,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2373 +#: sssd-ldap.5.xml:2411 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2375 +#: sssd-ldap.5.xml:2413 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -6410,208 +6586,208 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2386 +#: sssd-ldap.5.xml:2424 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2427 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2392 +#: sssd-ldap.5.xml:2430 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2398 +#: sssd-ldap.5.xml:2436 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2401 +#: sssd-ldap.5.xml:2439 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2411 +#: sssd-ldap.5.xml:2449 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2414 +#: sssd-ldap.5.xml:2452 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2418 +#: sssd-ldap.5.xml:2456 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2424 +#: sssd-ldap.5.xml:2462 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2427 +#: sssd-ldap.5.xml:2465 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2432 +#: sssd-ldap.5.xml:2470 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2438 +#: sssd-ldap.5.xml:2476 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2441 +#: sssd-ldap.5.xml:2479 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2445 +#: sssd-ldap.5.xml:2483 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2451 +#: sssd-ldap.5.xml:2489 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2454 +#: sssd-ldap.5.xml:2492 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2458 +#: sssd-ldap.5.xml:2496 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2464 +#: sssd-ldap.5.xml:2502 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2467 +#: sssd-ldap.5.xml:2505 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2471 +#: sssd-ldap.5.xml:2509 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2477 +#: sssd-ldap.5.xml:2515 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2480 +#: sssd-ldap.5.xml:2518 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2484 +#: sssd-ldap.5.xml:2522 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2490 +#: sssd-ldap.5.xml:2528 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2493 +#: sssd-ldap.5.xml:2531 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2497 +#: sssd-ldap.5.xml:2535 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2503 +#: sssd-ldap.5.xml:2541 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2506 +#: sssd-ldap.5.xml:2544 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2511 +#: sssd-ldap.5.xml:2549 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2517 +#: sssd-ldap.5.xml:2555 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2520 +#: sssd-ldap.5.xml:2558 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2524 +#: sssd-ldap.5.xml:2562 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2530 +#: sssd-ldap.5.xml:2568 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2533 +#: sssd-ldap.5.xml:2571 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2538 +#: sssd-ldap.5.xml:2576 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2543 +#: sssd-ldap.5.xml:2581 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2549 +#: sssd-ldap.5.xml:2587 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2552 +#: sssd-ldap.5.xml:2590 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -6619,101 +6795,101 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2558 +#: sssd-ldap.5.xml:2596 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2568 +#: sssd-ldap.5.xml:2606 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2571 +#: sssd-ldap.5.xml:2609 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2582 +#: sssd-ldap.5.xml:2620 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2585 +#: sssd-ldap.5.xml:2623 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2590 +#: sssd-ldap.5.xml:2628 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2595 sssd-ldap.5.xml:2618 sssd-ldap.5.xml:2636 -#: sssd-ldap.5.xml:2654 +#: sssd-ldap.5.xml:2633 sssd-ldap.5.xml:2656 sssd-ldap.5.xml:2674 +#: sssd-ldap.5.xml:2692 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2600 sssd-ldap.5.xml:2623 +#: sssd-ldap.5.xml:2638 sssd-ldap.5.xml:2661 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2606 +#: sssd-ldap.5.xml:2644 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2609 +#: sssd-ldap.5.xml:2647 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2614 +#: sssd-ldap.5.xml:2652 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2629 +#: sssd-ldap.5.xml:2667 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2632 +#: sssd-ldap.5.xml:2670 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2647 +#: sssd-ldap.5.xml:2685 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2650 +#: sssd-ldap.5.xml:2688 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2666 +#: sssd-ldap.5.xml:2704 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -6722,111 +6898,111 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2676 +#: sssd-ldap.5.xml:2714 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2678 +#: sssd-ldap.5.xml:2716 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2684 +#: sssd-ldap.5.xml:2722 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2687 +#: sssd-ldap.5.xml:2725 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2690 +#: sssd-ldap.5.xml:2728 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2697 +#: sssd-ldap.5.xml:2735 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2700 +#: sssd-ldap.5.xml:2738 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2703 +#: sssd-ldap.5.xml:2741 msgid "Default: nisMap (rfc2307, autofs_provider=ad), otherwise automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2711 +#: sssd-ldap.5.xml:2749 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2714 +#: sssd-ldap.5.xml:2752 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2717 +#: sssd-ldap.5.xml:2755 msgid "" "Default: nisMapName (rfc2307, autofs_provider=ad), otherwise automountMapName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2725 +#: sssd-ldap.5.xml:2763 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2728 +#: sssd-ldap.5.xml:2766 msgid "" "The object class of an automount entry in LDAP. The entry usually " "corresponds to a mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2733 +#: sssd-ldap.5.xml:2771 msgid "Default: nisObject (rfc2307, autofs_provider=ad), otherwise automount" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2741 +#: sssd-ldap.5.xml:2779 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2744 sssd-ldap.5.xml:2759 +#: sssd-ldap.5.xml:2782 sssd-ldap.5.xml:2797 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2748 +#: sssd-ldap.5.xml:2786 msgid "Default: cn (rfc2307, autofs_provider=ad), otherwise automountKey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2756 +#: sssd-ldap.5.xml:2794 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2763 +#: sssd-ldap.5.xml:2801 msgid "" "Default: nisMapEntry (rfc2307, autofs_provider=ad), otherwise " "automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2682 +#: sssd-ldap.5.xml:2720 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -6835,32 +7011,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2774 +#: sssd-ldap.5.xml:2812 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2781 +#: sssd-ldap.5.xml:2819 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2786 +#: sssd-ldap.5.xml:2824 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2791 +#: sssd-ldap.5.xml:2829 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:2796 +#: sssd-ldap.5.xml:2834 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:2798 +#: sssd-ldap.5.xml:2836 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -6869,22 +7045,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:2805 +#: sssd-ldap.5.xml:2843 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2807 +#: sssd-ldap.5.xml:2845 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2812 +#: sssd-ldap.5.xml:2850 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2776 +#: sssd-ldap.5.xml:2814 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -6893,14 +7069,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2827 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 -#: sssd-ad.5.xml:1041 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:2865 sssd-simple.5.xml:131 sssd-ipa.5.xml:828 +#: sssd-ad.5.xml:1063 sssd-krb5.5.xml:570 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:103 sssd-session-recording.5.xml:144 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2829 +#: sssd-ldap.5.xml:2867 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -6908,7 +7084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2835 +#: sssd-ldap.5.xml:2873 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6921,27 +7097,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2834 sssd-ldap.5.xml:2852 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1049 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 +#: sssd-ldap.5.xml:2872 sssd-ldap.5.xml:2890 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:836 sssd-ad.5.xml:1071 sssd-sudo.5.xml:56 sssd-krb5.5.xml:579 #: sssd-files.5.xml:110 sssd-session-recording.5.xml:150 #: include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2846 +#: sssd-ldap.5.xml:2884 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2848 +#: sssd-ldap.5.xml:2886 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2853 +#: sssd-ldap.5.xml:2891 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -6957,13 +7133,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2868 sssd_krb5_locator_plugin.8.xml:61 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1064 sssd.8.xml:230 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2906 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1086 sssd.8.xml:230 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2870 +#: sssd-ldap.5.xml:2908 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -7223,31 +7399,94 @@ msgstr "" #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " -"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" -"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " -"libraries what Realm and which KDC to use. Typically this is done in " -"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " -"To simplify the configuration the Realm and the KDC can be defined in " -"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" -"manvolnum> </citerefentry> as described in <citerefentry> " -"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" -"citerefentry>" +"used by libkrb5 to find KDCs for a given Kerberos realm. SSSD provides such " +"a plugin to guide all Kerberos clients on a system to a single KDC. In " +"general it should not matter to which KDC a client process is talking to. " +"But there are cases, e.g. after a password change, where not all KDCs are in " +"the same state because the new data has to be replicated first. To avoid " +"unexpected authentication failures and maybe even account lockings it would " +"be good to talk to a single KDC as long as possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:48 +#: sssd_krb5_locator_plugin.8.xml:34 msgid "" -"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " -"</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " -"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " -"libraries it reads and evaluates these variables and returns them to the " -"libraries." +"libkrb5 will search the locator plugin in the libkrb5 sub-directory of the " +"Kerberos plugin directory, see plugin_base_dir in <citerefentry> " +"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for details. The plugin can only be disabled by removing the " +"plugin file. There is no option in the Kerberos configuration to disable it. " +"But the SSSD_KRB5_LOCATOR_DISABLE environment variable can be used to " +"disable the plugin for individual commands. Alternatively the SSSD option " +"krb5_use_kdcinfo=False can be used to not generate the data needed by the " +"plugin. With this the plugin is still called but will provide no data to the " +"caller so that libkrb5 can fall back to other methods defined in krb5.conf." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:50 +msgid "" +"The plugin reads the information about the KDCs of a given realm from a file " +"called <filename>kdcinfo.REALM</filename>. The file should contain one or " +"more DNS names or IP addresses either in dotted-decimal IPv4 notation or the " +"hexadecimal IPv6 notation. An optional port number can be added to the end " +"separated with a colon, the IPv6 address has to be enclosed in squared " +"brackets in this case as usual. Valid entries are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:58 +msgid "kdc.example.com" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:59 +msgid "kdc.example.com:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:60 +msgid "1.2.3.4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:61 +msgid "5.6.7.8:99" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd_krb5_locator_plugin.8.xml:62 +msgid "2001:db8:85a3::8a2e:370:7334" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> #: sssd_krb5_locator_plugin.8.xml:63 +msgid "[2001:db8:85a3::8a2e:370:7334]:321" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:65 +msgid "" +"SSSD's krb5 auth-provider which is used by the IPA and AD providers as well " +"adds the address of the current KDC or domain controller SSSD is using to " +"this file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:70 +msgid "" +"In environments with read-only and read-write KDCs where clients are " +"expected to use the read-only instances for the general operations and only " +"the read-write KDC for config changes like password changes a " +"<filename>kpasswdinfo.REALM</filename> is used as well to identify read-" +"write KDCs. If this file exists for the given realm the content will be used " +"by the plugin to reply to requests for a kpasswd or kadmin server or for the " +"MIT Kerberos specific master KDC. If the address contains a port number the " +"default KDC port 88 will be used for the latter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:85 msgid "" "Not all Kerberos implementations support the use of plugins. If " "<command>sssd_krb5_locator_plugin</command> is not available on your system " @@ -7255,20 +7494,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:69 +#: sssd_krb5_locator_plugin.8.xml:91 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " "debug messages will be sent to stderr." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd_krb5_locator_plugin.8.xml:73 +#: sssd_krb5_locator_plugin.8.xml:95 msgid "" "If the environment variable SSSD_KRB5_LOCATOR_DISABLE is set to any value " "the plugin is disabled and will just return KRB5_PLUGIN_NO_HANDLE to the " "caller." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:100 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_IGNORE_DNS_FAILURES is set to " +"any value plugin will try to resolve all DNS names in kdcinfo file. By " +"default plugin returns KRB5_PLUGIN_NO_HANDLE to the caller immediately on " +"first DNS resolving failure." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" @@ -8365,7 +8613,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:866 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:888 msgid "dyndns_update (boolean)" msgstr "" @@ -8380,7 +8628,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:140 sssd-ad.5.xml:880 +#: sssd-ipa.5.xml:140 sssd-ad.5.xml:902 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -8395,12 +8643,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:157 sssd-ad.5.xml:891 +#: sssd-ipa.5.xml:157 sssd-ad.5.xml:913 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:160 sssd-ad.5.xml:894 +#: sssd-ipa.5.xml:160 sssd-ad.5.xml:916 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -8421,12 +8669,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:177 sssd-ad.5.xml:905 +#: sssd-ipa.5.xml:177 sssd-ad.5.xml:927 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:180 sssd-ad.5.xml:908 +#: sssd-ipa.5.xml:180 sssd-ad.5.xml:930 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -8450,17 +8698,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:197 sssd-ad.5.xml:919 +#: sssd-ipa.5.xml:197 sssd-ad.5.xml:941 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:203 sssd-ad.5.xml:970 +#: sssd-ipa.5.xml:203 sssd-ad.5.xml:992 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:206 sssd-ad.5.xml:973 +#: sssd-ipa.5.xml:206 sssd-ad.5.xml:995 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -8468,7 +8716,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:212 sssd-ad.5.xml:979 +#: sssd-ipa.5.xml:212 sssd-ad.5.xml:1001 msgid "Default: GSS-TSIG" msgstr "" @@ -8495,7 +8743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:244 sssd-ad.5.xml:925 +#: sssd-ipa.5.xml:244 sssd-ad.5.xml:947 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -8508,12 +8756,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:943 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:965 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:263 sssd-ad.5.xml:946 +#: sssd-ipa.5.xml:263 sssd-ad.5.xml:968 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -8532,50 +8780,50 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:280 sssd-ad.5.xml:957 +#: sssd-ipa.5.xml:280 sssd-ad.5.xml:979 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:283 sssd-ad.5.xml:960 +#: sssd-ipa.5.xml:283 sssd-ad.5.xml:982 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:287 sssd-ad.5.xml:964 +#: sssd-ipa.5.xml:287 sssd-ad.5.xml:986 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:293 sssd-ad.5.xml:985 +#: sssd-ipa.5.xml:293 sssd-ad.5.xml:1007 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:296 sssd-ad.5.xml:988 +#: sssd-ipa.5.xml:296 sssd-ad.5.xml:1010 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:993 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1015 msgid "" "Setting this option makes sense for environments where the DNS server is " "different from the identity server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:306 sssd-ad.5.xml:998 +#: sssd-ipa.5.xml:306 sssd-ad.5.xml:1020 msgid "" "Please note that this option will be only used in fallback attempt when " "previous attempt using autodetected settings failed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1003 +#: sssd-ipa.5.xml:311 sssd-ad.5.xml:1025 msgid "Default: None (let nsupdate choose the server)" msgstr "" @@ -8686,26 +8934,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1012 +#: sssd-ipa.5.xml:443 sssd-ad.5.xml:1034 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1015 +#: sssd-ipa.5.xml:446 sssd-ad.5.xml:1037 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1019 +#: sssd-ipa.5.xml:450 sssd-ad.5.xml:1041 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1023 +#: sssd-ipa.5.xml:454 sssd-ad.5.xml:1045 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -8724,7 +8972,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:431 +#: sssd-ipa.5.xml:471 sssd-ipa.5.xml:501 sssd-ipa.5.xml:517 sssd-ad.5.xml:452 msgid "Default: 5 (seconds)" msgstr "" @@ -9585,24 +9833,45 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:421 -msgid "ad_gpo_cache_timeout (integer)" +msgid "ad_gpo_implicit_deny (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:424 msgid "" +"Normally when no applicable GPOs are found the users are allowed access. " +"When this option is set to True users will be allowed access only when " +"explicitly allowed by a GPO rule. Otherwise users will be denied access. " +"This can be used to harden security but be careful when using this option " +"because it can deny access even to users in the built-in Administrators " +"group if no GPO rules apply to them." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:435 +msgid "Default: False (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:442 +msgid "ad_gpo_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:445 +msgid "" "The amount of time between lookups of GPO policy files against the AD " "server. This will reduce the latency and load on the AD server if there are " "many access-control requests made in a short period." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:437 +#: sssd-ad.5.xml:458 msgid "ad_gpo_map_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:440 +#: sssd-ad.5.xml:461 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the InteractiveLogonRight and " @@ -9610,14 +9879,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:446 +#: sssd-ad.5.xml:467 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on locally\" and \"Deny log on locally\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:460 +#: sssd-ad.5.xml:481 #, no-wrap msgid "" "ad_gpo_map_interactive = +my_pam_service, -login\n" @@ -9625,7 +9894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:451 +#: sssd-ad.5.xml:472 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9636,79 +9905,43 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:464 sssd-ad.5.xml:560 sssd-ad.5.xml:606 sssd-ad.5.xml:651 -#: sssd-ad.5.xml:717 -msgid "Default: the default set of PAM service names includes:" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:468 -msgid "login" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:473 -msgid "su" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:478 -msgid "su-l" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:483 +#: sssd-ad.5.xml:504 msgid "gdm-fingerprint" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:488 -msgid "gdm-password" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:493 -msgid "gdm-smartcard" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:498 -msgid "kdm" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:503 +#: sssd-ad.5.xml:524 msgid "lightdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:508 +#: sssd-ad.5.xml:529 msgid "lxdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:513 +#: sssd-ad.5.xml:534 msgid "sddm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:518 +#: sssd-ad.5.xml:539 msgid "unity" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:523 +#: sssd-ad.5.xml:544 msgid "xdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:532 +#: sssd-ad.5.xml:553 msgid "ad_gpo_map_remote_interactive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:535 +#: sssd-ad.5.xml:556 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the RemoteInteractiveLogonRight and " @@ -9716,7 +9949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:541 +#: sssd-ad.5.xml:562 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on through Remote Desktop Services\" and \"Deny log on through Remote " @@ -9724,7 +9957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:556 +#: sssd-ad.5.xml:577 #, no-wrap msgid "" "ad_gpo_map_remote_interactive = +my_pam_service, -sshd\n" @@ -9732,7 +9965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:547 +#: sssd-ad.5.xml:568 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9744,22 +9977,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:564 +#: sssd-ad.5.xml:585 msgid "sshd" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:569 +#: sssd-ad.5.xml:590 msgid "cockpit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:578 +#: sssd-ad.5.xml:599 msgid "ad_gpo_map_network (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:581 +#: sssd-ad.5.xml:602 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the NetworkLogonRight and " @@ -9767,7 +10000,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:587 +#: sssd-ad.5.xml:608 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Access " "this computer from the network\" and \"Deny access to this computer from the " @@ -9775,7 +10008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:602 +#: sssd-ad.5.xml:623 #, no-wrap msgid "" "ad_gpo_map_network = +my_pam_service, -ftp\n" @@ -9783,7 +10016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:593 +#: sssd-ad.5.xml:614 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9795,22 +10028,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:610 +#: sssd-ad.5.xml:631 msgid "ftp" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:615 +#: sssd-ad.5.xml:636 msgid "samba" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:624 +#: sssd-ad.5.xml:645 msgid "ad_gpo_map_batch (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:627 +#: sssd-ad.5.xml:648 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the BatchLogonRight and DenyBatchLogonRight " @@ -9818,14 +10051,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:633 +#: sssd-ad.5.xml:654 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a batch job\" and \"Deny log on as a batch job\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:647 +#: sssd-ad.5.xml:668 #, no-wrap msgid "" "ad_gpo_map_batch = +my_pam_service, -crond\n" @@ -9833,7 +10066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:638 +#: sssd-ad.5.xml:659 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9844,18 +10077,24 @@ msgid "" "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:671 +msgid "" +"Note: Cron service name may differ depending on Linux distribution used." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:655 +#: sssd-ad.5.xml:677 msgid "crond" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:664 +#: sssd-ad.5.xml:686 msgid "ad_gpo_map_service (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:667 +#: sssd-ad.5.xml:689 msgid "" "A comma-separated list of PAM service names for which GPO-based access " "control is evaluated based on the ServiceLogonRight and " @@ -9863,14 +10102,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:673 +#: sssd-ad.5.xml:695 msgid "" "Note: Using the Group Policy Management Editor this value is called \"Allow " "log on as a service\" and \"Deny log on as a service\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:686 +#: sssd-ad.5.xml:708 #, no-wrap msgid "" "ad_gpo_map_service = +my_pam_service\n" @@ -9878,7 +10117,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:678 sssd-ad.5.xml:753 +#: sssd-ad.5.xml:700 sssd-ad.5.xml:775 msgid "" "It is possible to add a PAM service name to the default set by using <quote>" "+service_name</quote>. Since the default set is empty, it is not possible " @@ -9889,19 +10128,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:696 +#: sssd-ad.5.xml:718 msgid "ad_gpo_map_permit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:699 +#: sssd-ad.5.xml:721 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always granted, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:713 +#: sssd-ad.5.xml:735 #, no-wrap msgid "" "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -9909,7 +10148,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:704 +#: sssd-ad.5.xml:726 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -9921,39 +10160,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:721 +#: sssd-ad.5.xml:743 msgid "polkit-1" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:726 -msgid "sudo" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:731 -msgid "sudo-i" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:736 +#: sssd-ad.5.xml:758 msgid "systemd-user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:745 +#: sssd-ad.5.xml:767 msgid "ad_gpo_map_deny (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:748 +#: sssd-ad.5.xml:770 msgid "" "A comma-separated list of PAM service names for which GPO-based access is " "always denied, regardless of any GPO Logon Rights." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ad.5.xml:761 +#: sssd-ad.5.xml:783 #, no-wrap msgid "" "ad_gpo_map_deny = +my_pam_service\n" @@ -9961,12 +10190,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:771 +#: sssd-ad.5.xml:793 msgid "ad_gpo_default_right (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:774 +#: sssd-ad.5.xml:796 msgid "" "This option defines how access control is evaluated for PAM service names " "that are not explicitly listed in one of the ad_gpo_map_* options. This " @@ -9979,57 +10208,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:787 +#: sssd-ad.5.xml:809 msgid "Supported values for this option include:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:791 +#: sssd-ad.5.xml:813 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:796 +#: sssd-ad.5.xml:818 msgid "remote_interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:801 +#: sssd-ad.5.xml:823 msgid "network" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:806 +#: sssd-ad.5.xml:828 msgid "batch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:811 +#: sssd-ad.5.xml:833 msgid "service" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:816 +#: sssd-ad.5.xml:838 msgid "permit" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ad.5.xml:821 +#: sssd-ad.5.xml:843 msgid "deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:827 +#: sssd-ad.5.xml:849 msgid "Default: deny" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:833 +#: sssd-ad.5.xml:855 msgid "ad_maximum_machine_account_password_age (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:836 +#: sssd-ad.5.xml:858 msgid "" "SSSD will check once a day if the machine account password is older than the " "given age in days and try to renew it. A value of 0 will disable the renewal " @@ -10037,17 +10266,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:842 +#: sssd-ad.5.xml:864 msgid "Default: 30 days" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:848 +#: sssd-ad.5.xml:870 msgid "ad_machine_account_password_renewal_opts (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:851 +#: sssd-ad.5.xml:873 msgid "" "This option should only be used to test the machine account renewal task. " "The option expects 2 integers separated by a colon (':'). The first integer " @@ -10057,12 +10286,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:860 +#: sssd-ad.5.xml:882 msgid "Default: 86400:750 (24h and 15m)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:869 +#: sssd-ad.5.xml:891 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -10073,19 +10302,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:899 +#: sssd-ad.5.xml:921 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:915 +#: sssd-ad.5.xml:937 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:928 +#: sssd-ad.5.xml:950 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -10095,12 +10324,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:951 sss_rpcidmapd.5.xml:76 +#: sssd-ad.5.xml:973 sss_rpcidmapd.5.xml:76 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1043 +#: sssd-ad.5.xml:1065 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10108,7 +10337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1050 +#: sssd-ad.5.xml:1072 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -10123,7 +10352,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1070 +#: sssd-ad.5.xml:1092 #, no-wrap msgid "" "access_provider = ldap\n" @@ -10132,7 +10361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1066 +#: sssd-ad.5.xml:1088 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -10140,7 +10369,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1076 +#: sssd-ad.5.xml:1098 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -10150,7 +10379,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1084 +#: sssd-ad.5.xml:1106 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -12857,14 +13086,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_ssh_knownhostsproxy.1.xml:89 -#, fuzzy -#| msgid "" -#| "<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -#| "replaceable>" -msgid "<option>-k</option>,<option>--pubkeys</option>" +msgid "<option>-k</option>,<option>--pubkey</option>" msgstr "" -"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" -"replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:93 @@ -13009,10 +13232,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:78 -#, fuzzy -#| msgid "Default: 3" msgid "Default: /etc/passwd" -msgstr "默认: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-files.5.xml:84 @@ -13029,10 +13250,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-files.5.xml:93 -#, fuzzy -#| msgid "Default: 3" msgid "Default: /etc/group" -msgstr "默认: 3" +msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-files.5.xml:59 @@ -15527,6 +15746,26 @@ msgid "" "be used to get a TGT with." msgstr "" +#. type: Content of: <refsect1><refsect2><title> +#: include/ad_modified_defaults.xml:80 +msgid "NSS configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:84 +msgid "fallback_homedir = /home/%d/%u" +msgstr "" + +#. type: Content of: <refsect1><refsect2><itemizedlist><listitem><para> +#: include/ad_modified_defaults.xml:87 +msgid "" +"The AD provider automatically sets \"fallback_homedir = /home/%d/%u\" to " +"provide personal home directories for users without the homeDirectory " +"attribute. If your AD Domain is properly populated with Posix attributes, " +"and you want to avoid this fallback behavior, you can explicitly set " +"\"fallback_homedir = %o\"." +msgstr "" + #. type: Content of: <refsect1><para> #: include/ipa_modified_defaults.xml:4 msgid ""